An issue was discovered in Icinga 2.x through 2.8.1. By editing the init.conf file, Icinga 2 can be run as root. Following this the program can be used to run arbitrary code as root. This was fixed by no longer using init.conf to determine account information for any root-executed code (a larger issue than CVE-2017-16933).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-02-27T19:00:00

Updated: 2024-08-05T06:10:10.143Z

Reserved: 2018-02-02T00:00:00

Link: CVE-2018-6533

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-02-27T19:29:00.450

Modified: 2024-11-21T04:10:51.017

Link: CVE-2018-6533

cve-icon Redhat

No data.