Oval Definition:oval:com.ubuntu.xenial:def:201668960000000
Revision Date:2017-01-18Version:1
Title:CVE-2016-6896 on Ubuntu 16.04 LTS (xenial) - medium.
Description:Directory traversal vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress 4.5.3 allows remote authenticated users to cause a denial of service or read certain text files via a .. (dot dot) in the plugin parameter to wp-admin/admin-ajax.php, as demonstrated by /dev/random read operations that deplete the entropy pool.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-6896
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND wordpress package in xenial is affected and needs fixing.
    • BACK