CVE-2016-8641

MEDIUM

Nagios 4.2.x - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-8641. PoCs published by Vincent Malguy.

AI-analyzed exploit summary: This exploit leverages a privilege escalation vulnerability in Nagios 4.2.2 and prior by manipulating symlinks to gain root access. It compiles a shared library to hijack the `geteuid` function, creating a SUID root shell.

Description

A privilege escalation vulnerability was found in Nagios 4.2.x. It occurs in daemon-init.in, which creates necessary files and then insecurely changes their ownership. A local attacker can create symbolic links before the files are created and possibly escalate privileges through the ownership change.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Vincent Malguy · bash · local · linux
https://www.exploit-db.com/exploits/40774


Classification
Working PoC: 100%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Nagios 4.2.2 and prior
Auth required
Prerequisites: Access to the nagios user account · Nagios service running as root · GCC compiler available
devstral-2 · analyzed Feb 16, 2026

References (5)

Core 5
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40774/
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8641
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95121
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201702-26

Scores

CVSS v3 6.7
EPSS 0.0115
EPSS Percentile 62.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE CWE-59
Status published
Products (4)
nagios/nagios 4.2.0
nagios/nagios 4.2.1
nagios/nagios 4.2.2
nagios/nagios 4.2.3
Published Aug 01, 2018
Tracked Since Feb 18, 2026