CVE-2019-3698
published 2020-02-28CVE-2019-3698: UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11…
high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nagios | nagios | < 3.5.1 | 3.5.1 |
| nagios | nagios | < 3.0.6 | 3.0.6 |
| opensuse | backports_sle | — | — |
| opensuse | factory | nagios – 4.4.5-2.1 | — |
| opensuse | leap | — | — |
| suse | suse_linux_enterprise_server_11 | nagios – 3.0.6-1.25.36.3.1 | — |
| suse | suse_linux_enterprise_server_12 | nagios – 3.5.1-5.27 | — |