OVAL Reference oval:com.ubuntu.xenial:def:201698770000000

Oval Definition:

oval:com.ubuntu.xenial:def:201698770000000

Revision Date:	2016-12-29	Version:	1
Title:	CVE-2016-9877 on Ubuntu 16.04 LTS (xenial) - high.
Description:	An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-9877
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND rabbitmq-server package in xenial was vulnerable but has been fixed (note: '3.5.7-1ubuntu0.16.04.2').