Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-10089 (GCVE-0-2016-10089)
Vulnerability from cvelistv5
Published
2017-02-15 15:00
Modified
2024-08-06 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
References
| ► | URL | Tags | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:32.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95171",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95171"
},
{
"name": "[oss-security] 20161230 Re: CVE request: Nagios: Incomplete fix for CVE-2016-8641",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-22T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "95171",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95171"
},
{
"name": "[oss-security] 20161230 Re: CVE request: Nagios: Incomplete fix for CVE-2016-8641",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95171",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95171"
},
{
"name": "[oss-security] 20161230 Re: CVE request: Nagios: Incomplete fix for CVE-2016-8641",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10089",
"datePublished": "2017-02-15T15:00:00",
"dateReserved": "2016-12-30T00:00:00",
"dateUpdated": "2024-08-06T03:07:32.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-10089\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-02-15T15:59:00.277\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.\"},{\"lang\":\"es\",\"value\":\"Nagios 4.3.2 y anteriores permite a los usuarios locales obtener privilegios root mediante un ataque de v\u00ednculo f\u00edsico en el archivo de script init de Nagios. Esta vulnerabilidad est\u00e1 relacionada con CVE-2016-8641.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.2.4\",\"matchCriteriaId\":\"46169755-05CD-4043-A730-5A4D2433D407\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/30/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95171\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/30/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
suse-su-2018:3240-1
Vulnerability from csaf_suse
Published
2018-10-19 09:23
Modified
2018-10-19 09:23
Summary
Security update for nagios
Notes
Title of the patch
Security update for nagios
Description of the patch
This update for nagios fixes the following issues:
- CVE-2016-8641 / CVE-2016-10089: fixed possible symlink attacks for files/directories created by root (bsc#1011630 / bsc#1018047)
Patchnames
sdksp4-nagios-13820,slessp4-nagios-13820
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nagios",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nagios fixes the following issues:\n\n- CVE-2016-8641 / CVE-2016-10089: fixed possible symlink attacks for files/directories created by root (bsc#1011630 / bsc#1018047)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-nagios-13820,slessp4-nagios-13820",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3240-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3240-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183240-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3240-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004743.html"
},
{
"category": "self",
"summary": "SUSE Bug 1011630",
"url": "https://bugzilla.suse.com/1011630"
},
{
"category": "self",
"summary": "SUSE Bug 1018047",
"url": "https://bugzilla.suse.com/1018047"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10089 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8641 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8641/"
}
],
"title": "Security update for nagios",
"tracking": {
"current_release_date": "2018-10-19T09:23:30Z",
"generator": {
"date": "2018-10-19T09:23:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3240-1",
"initial_release_date": "2018-10-19T09:23:30Z",
"revision_history": [
{
"date": "2018-10-19T09:23:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nagios-3.0.6-1.25.36.3.1.i586",
"product": {
"name": "nagios-3.0.6-1.25.36.3.1.i586",
"product_id": "nagios-3.0.6-1.25.36.3.1.i586"
}
},
{
"category": "product_version",
"name": "nagios-devel-3.0.6-1.25.36.3.1.i586",
"product": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.i586",
"product_id": "nagios-devel-3.0.6-1.25.36.3.1.i586"
}
},
{
"category": "product_version",
"name": "nagios-www-3.0.6-1.25.36.3.1.i586",
"product": {
"name": "nagios-www-3.0.6-1.25.36.3.1.i586",
"product_id": "nagios-www-3.0.6-1.25.36.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nagios-devel-3.0.6-1.25.36.3.1.ia64",
"product": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.ia64",
"product_id": "nagios-devel-3.0.6-1.25.36.3.1.ia64"
}
},
{
"category": "product_version",
"name": "nagios-3.0.6-1.25.36.3.1.ia64",
"product": {
"name": "nagios-3.0.6-1.25.36.3.1.ia64",
"product_id": "nagios-3.0.6-1.25.36.3.1.ia64"
}
},
{
"category": "product_version",
"name": "nagios-www-3.0.6-1.25.36.3.1.ia64",
"product": {
"name": "nagios-www-3.0.6-1.25.36.3.1.ia64",
"product_id": "nagios-www-3.0.6-1.25.36.3.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"product": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"product_id": "nagios-devel-3.0.6-1.25.36.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "nagios-3.0.6-1.25.36.3.1.ppc64",
"product": {
"name": "nagios-3.0.6-1.25.36.3.1.ppc64",
"product_id": "nagios-3.0.6-1.25.36.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "nagios-www-3.0.6-1.25.36.3.1.ppc64",
"product": {
"name": "nagios-www-3.0.6-1.25.36.3.1.ppc64",
"product_id": "nagios-www-3.0.6-1.25.36.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "nagios-devel-3.0.6-1.25.36.3.1.s390x",
"product": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.s390x",
"product_id": "nagios-devel-3.0.6-1.25.36.3.1.s390x"
}
},
{
"category": "product_version",
"name": "nagios-3.0.6-1.25.36.3.1.s390x",
"product": {
"name": "nagios-3.0.6-1.25.36.3.1.s390x",
"product_id": "nagios-3.0.6-1.25.36.3.1.s390x"
}
},
{
"category": "product_version",
"name": "nagios-www-3.0.6-1.25.36.3.1.s390x",
"product": {
"name": "nagios-www-3.0.6-1.25.36.3.1.s390x",
"product_id": "nagios-www-3.0.6-1.25.36.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nagios-3.0.6-1.25.36.3.1.x86_64",
"product": {
"name": "nagios-3.0.6-1.25.36.3.1.x86_64",
"product_id": "nagios-3.0.6-1.25.36.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"product": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"product_id": "nagios-devel-3.0.6-1.25.36.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "nagios-www-3.0.6-1.25.36.3.1.x86_64",
"product": {
"name": "nagios-www-3.0.6-1.25.36.3.1.x86_64",
"product_id": "nagios-www-3.0.6-1.25.36.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.i586"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.i586"
},
"product_reference": "nagios-devel-3.0.6-1.25.36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ia64"
},
"product_reference": "nagios-devel-3.0.6-1.25.36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ppc64"
},
"product_reference": "nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.s390x"
},
"product_reference": "nagios-devel-3.0.6-1.25.36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-devel-3.0.6-1.25.36.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.x86_64"
},
"product_reference": "nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.i586"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.i586"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-3.0.6-1.25.36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64"
},
"product_reference": "nagios-3.0.6-1.25.36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nagios-www-3.0.6-1.25.36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
},
"product_reference": "nagios-www-3.0.6-1.25.36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10089"
}
],
"notes": [
{
"category": "general",
"text": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10089",
"url": "https://www.suse.com/security/cve/CVE-2016-10089"
},
{
"category": "external",
"summary": "SUSE Bug 1011630 for CVE-2016-10089",
"url": "https://bugzilla.suse.com/1011630"
},
{
"category": "external",
"summary": "SUSE Bug 1018047 for CVE-2016-10089",
"url": "https://bugzilla.suse.com/1018047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-19T09:23:30Z",
"details": "moderate"
}
],
"title": "CVE-2016-10089"
},
{
"cve": "CVE-2016-8641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8641"
}
],
"notes": [
{
"category": "general",
"text": "A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It\u0027s possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8641",
"url": "https://www.suse.com/security/cve/CVE-2016-8641"
},
{
"category": "external",
"summary": "SUSE Bug 1011630 for CVE-2016-8641",
"url": "https://bugzilla.suse.com/1011630"
},
{
"category": "external",
"summary": "SUSE Bug 1018047 for CVE-2016-8641",
"url": "https://bugzilla.suse.com/1018047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.3.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-19T09:23:30Z",
"details": "moderate"
}
],
"title": "CVE-2016-8641"
}
]
}
suse-su-2018:3620-1
Vulnerability from csaf_suse
Published
2018-11-05 16:57
Modified
2018-11-05 16:57
Summary
Security update for icinga
Notes
Title of the patch
Security update for icinga
Description of the patch
This update for icinga fixes the following issues:
Security issues fixed:
- CVE-2015-8010: Fixed XSS in the icinga classic UI (boo#952777)
- CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink attack for files/dirs created by root (boo#1011630 and boo#1018047)
Patchnames
SUSE-SLE-Manager-Tools-12-2018-2580,SUSE-Storage-4-2018-2580
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for icinga",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for icinga fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2015-8010: Fixed XSS in the icinga classic UI (boo#952777)\n- CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink attack for files/dirs created by root (boo#1011630 and boo#1018047)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Manager-Tools-12-2018-2580,SUSE-Storage-4-2018-2580",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3620-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3620-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183620-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3620-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-November/004828.html"
},
{
"category": "self",
"summary": "SUSE Bug 1011630",
"url": "https://bugzilla.suse.com/1011630"
},
{
"category": "self",
"summary": "SUSE Bug 1018047",
"url": "https://bugzilla.suse.com/1018047"
},
{
"category": "self",
"summary": "SUSE Bug 952777",
"url": "https://bugzilla.suse.com/952777"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8010 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10089 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8641 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8641/"
}
],
"title": "Security update for icinga",
"tracking": {
"current_release_date": "2018-11-05T16:57:03Z",
"generator": {
"date": "2018-11-05T16:57:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3620-1",
"initial_release_date": "2018-11-05T16:57:03Z",
"revision_history": [
{
"date": "2018-11-05T16:57:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "icinga-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-1.13.3-12.3.1.aarch64",
"product_id": "icinga-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-devel-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-devel-1.13.3-12.3.1.aarch64",
"product_id": "icinga-devel-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-doc-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-doc-1.13.3-12.3.1.aarch64",
"product_id": "icinga-doc-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-idoutils-1.13.3-12.3.1.aarch64",
"product_id": "icinga-idoutils-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"product_id": "icinga-idoutils-mysql-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"product_id": "icinga-idoutils-oracle-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"product_id": "icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"product_id": "icinga-plugins-downtimes-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"product_id": "icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-www-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-www-1.13.3-12.3.1.aarch64",
"product_id": "icinga-www-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "icinga-www-config-1.13.3-12.3.1.aarch64",
"product": {
"name": "icinga-www-config-1.13.3-12.3.1.aarch64",
"product_id": "icinga-www-config-1.13.3-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "monitoring-tools-1.13.3-12.3.1.aarch64",
"product": {
"name": "monitoring-tools-1.13.3-12.3.1.aarch64",
"product_id": "monitoring-tools-1.13.3-12.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "icinga-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-devel-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-devel-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-devel-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-doc-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-doc-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-doc-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-idoutils-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-idoutils-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-www-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-www-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-www-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "icinga-www-config-1.13.3-12.3.1.ppc64le",
"product": {
"name": "icinga-www-config-1.13.3-12.3.1.ppc64le",
"product_id": "icinga-www-config-1.13.3-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "monitoring-tools-1.13.3-12.3.1.ppc64le",
"product": {
"name": "monitoring-tools-1.13.3-12.3.1.ppc64le",
"product_id": "monitoring-tools-1.13.3-12.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "icinga-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-1.13.3-12.3.1.s390x",
"product_id": "icinga-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-devel-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-devel-1.13.3-12.3.1.s390x",
"product_id": "icinga-devel-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-doc-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-doc-1.13.3-12.3.1.s390x",
"product_id": "icinga-doc-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-idoutils-1.13.3-12.3.1.s390x",
"product_id": "icinga-idoutils-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"product_id": "icinga-idoutils-mysql-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"product_id": "icinga-idoutils-oracle-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"product_id": "icinga-idoutils-pgsql-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"product_id": "icinga-plugins-downtimes-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"product_id": "icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-www-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-www-1.13.3-12.3.1.s390x",
"product_id": "icinga-www-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "icinga-www-config-1.13.3-12.3.1.s390x",
"product": {
"name": "icinga-www-config-1.13.3-12.3.1.s390x",
"product_id": "icinga-www-config-1.13.3-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "monitoring-tools-1.13.3-12.3.1.s390x",
"product": {
"name": "monitoring-tools-1.13.3-12.3.1.s390x",
"product_id": "monitoring-tools-1.13.3-12.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "icinga-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-1.13.3-12.3.1.x86_64",
"product_id": "icinga-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-devel-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-devel-1.13.3-12.3.1.x86_64",
"product_id": "icinga-devel-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-doc-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-doc-1.13.3-12.3.1.x86_64",
"product_id": "icinga-doc-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-idoutils-1.13.3-12.3.1.x86_64",
"product_id": "icinga-idoutils-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"product_id": "icinga-idoutils-mysql-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"product_id": "icinga-idoutils-oracle-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"product_id": "icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"product_id": "icinga-plugins-downtimes-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"product_id": "icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-www-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-www-1.13.3-12.3.1.x86_64",
"product_id": "icinga-www-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "icinga-www-config-1.13.3-12.3.1.x86_64",
"product": {
"name": "icinga-www-config-1.13.3-12.3.1.x86_64",
"product_id": "icinga-www-config-1.13.3-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "monitoring-tools-1.13.3-12.3.1.x86_64",
"product": {
"name": "monitoring-tools-1.13.3-12.3.1.x86_64",
"product_id": "monitoring-tools-1.13.3-12.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 12",
"product": {
"name": "SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12"
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-devel-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-devel-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-devel-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-devel-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-devel-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-devel-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-devel-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-devel-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-doc-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-doc-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-doc-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-doc-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-doc-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-doc-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-doc-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-doc-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-idoutils-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-idoutils-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-idoutils-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-idoutils-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-mysql-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-oracle-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-downtimes-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-www-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-www-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-www-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-www-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-config-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-www-config-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-config-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le"
},
"product_reference": "icinga-www-config-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-config-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x"
},
"product_reference": "icinga-www-config-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-www-config-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-www-config-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "monitoring-tools-1.13.3-12.3.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64"
},
"product_reference": "monitoring-tools-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "monitoring-tools-1.13.3-12.3.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le"
},
"product_reference": "monitoring-tools-1.13.3-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "monitoring-tools-1.13.3-12.3.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x"
},
"product_reference": "monitoring-tools-1.13.3-12.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "monitoring-tools-1.13.3-12.3.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
},
"product_reference": "monitoring-tools-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-1.13.3-12.3.1.aarch64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64"
},
"product_reference": "icinga-1.13.3-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "icinga-1.13.3-12.3.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64"
},
"product_reference": "icinga-1.13.3-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8010"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8010",
"url": "https://www.suse.com/security/cve/CVE-2015-8010"
},
{
"category": "external",
"summary": "SUSE Bug 952777 for CVE-2015-8010",
"url": "https://bugzilla.suse.com/952777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-11-05T16:57:03Z",
"details": "moderate"
}
],
"title": "CVE-2015-8010"
},
{
"cve": "CVE-2016-10089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10089"
}
],
"notes": [
{
"category": "general",
"text": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10089",
"url": "https://www.suse.com/security/cve/CVE-2016-10089"
},
{
"category": "external",
"summary": "SUSE Bug 1011630 for CVE-2016-10089",
"url": "https://bugzilla.suse.com/1011630"
},
{
"category": "external",
"summary": "SUSE Bug 1018047 for CVE-2016-10089",
"url": "https://bugzilla.suse.com/1018047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-11-05T16:57:03Z",
"details": "moderate"
}
],
"title": "CVE-2016-10089"
},
{
"cve": "CVE-2016-8641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8641"
}
],
"notes": [
{
"category": "general",
"text": "A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It\u0027s possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8641",
"url": "https://www.suse.com/security/cve/CVE-2016-8641"
},
{
"category": "external",
"summary": "SUSE Bug 1011630 for CVE-2016-8641",
"url": "https://bugzilla.suse.com/1011630"
},
{
"category": "external",
"summary": "SUSE Bug 1018047 for CVE-2016-8641",
"url": "https://bugzilla.suse.com/1018047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.aarch64",
"SUSE Enterprise Storage 4:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-devel-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-doc-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-mysql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-oracle-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-idoutils-pgsql-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-downtimes-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-plugins-eventhandlers-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:icinga-www-config-1.13.3-12.3.1.x86_64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.aarch64",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.ppc64le",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.s390x",
"SUSE Manager Client Tools 12:monitoring-tools-1.13.3-12.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-11-05T16:57:03Z",
"details": "moderate"
}
],
"title": "CVE-2016-8641"
}
]
}
gsd-2016-10089
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-10089",
"description": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.",
"id": "GSD-2016-10089",
"references": [
"https://www.suse.com/security/cve/CVE-2016-10089.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-10089"
],
"details": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.",
"id": "GSD-2016-10089",
"modified": "2023-12-13T01:21:26.788958Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95171",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95171"
},
{
"name": "[oss-security] 20161230 Re: CVE request: Nagios: Incomplete fix for CVE-2016-8641",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10089"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95171",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95171"
},
{
"name": "[oss-security] 20161230 Re: CVE request: Nagios: Incomplete fix for CVE-2016-8641",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2017-11-23T02:29Z",
"publishedDate": "2017-02-15T15:59Z"
}
}
}
fkie_cve-2016-10089
Vulnerability from fkie_nvd
Published
2017-02-15 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/12/30/6 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/95171 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/12/30/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95171 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46169755-05CD-4043-A730-5A4D2433D407",
"versionEndIncluding": "4.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641."
},
{
"lang": "es",
"value": "Nagios 4.3.2 y anteriores permite a los usuarios locales obtener privilegios root mediante un ataque de v\u00ednculo f\u00edsico en el archivo de script init de Nagios. Esta vulnerabilidad est\u00e1 relacionada con CVE-2016-8641."
}
],
"id": "CVE-2016-10089",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-15T15:59:00.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95171"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-q77f-5m65-8q6j
Vulnerability from github
Published
2022-05-17 00:21
Modified
2022-05-17 00:21
Severity ?
VLAI Severity ?
Details
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
{
"affected": [],
"aliases": [
"CVE-2016-10089"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-15T15:59:00Z",
"severity": "HIGH"
},
"details": "Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.",
"id": "GHSA-q77f-5m65-8q6j",
"modified": "2022-05-17T00:21:59Z",
"published": "2022-05-17T00:21:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10089"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/6"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95171"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…