SecuritySpace - CVE-2017-16882

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-16882

Description: Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non- root account (and similarly can have etc/icinga.cfg owned by a non- root account), which allows local users to gain privileges by leveraging access to this non-root account, a related issue to CVE-2017-14312. This also affects bin/icingastats, bin/ido2db, and bin/log2ido.

Test IDs: 1.3.6.1.4.1.25623.1.0.140595

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-16882
https://security.gentoo.org/glsa/202007-31
https://github.com/Icinga/icinga-core/issues/1601

CVE ID:	CVE-2017-16882
Description:	Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non- root account (and similarly can have etc/icinga.cfg owned by a non- root account), which allows local users to gain privileges by leveraging access to this non-root account, a related issue to CVE-2017-14312. This also affects bin/icingastats, bin/ido2db, and bin/log2ido.
Test IDs:	1.3.6.1.4.1.25623.1.0.140595
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-16882 https://security.gentoo.org/glsa/202007-31 https://github.com/Icinga/icinga-core/issues/1601