Nagios XI Privilege Escalation Vulnerability via Crontab Installation Race Condition

A privilege escalation vulnerability has been identified in Nagios XI versions prior to 2011R1.9. The issue arises from race conditions and inadequate validation in the scripts that manage system crontab entries. A local user with low privileges could exploit these vulnerabilities by manipulating the filesystem state during the crontab installation process. This manipulation could influence the execution of files or commands with elevated privileges, leading to unauthorized access or actions.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling a low-privileged user to execute commands or access files with higher privileges, potentially leading to a full system compromise.

Reproduction

The vulnerability can be reproduced by a local user with low privileges who can manipulate the crontab installation process. This can be done by creating a race condition that exploits the timing of file or command executions, taking advantage of the lack of proper synchronization or validation in the crontab management scripts.

Remediation

Users can upgrade to Nagios XI version 2011R1.9 or later, where this vulnerability has been addressed.