PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but root code execution depends on these files, which allows local users to gain privileges by leveraging access to this unprivileged account.Referenceshttps://security.gentoo.org/glsa/201806-09https://github.com/lingej/pnp4nagios/issues/140
