Oval Definition:	oval:com.ubuntu.xenial:def:2017128360000000
Revision Date: 2017-08-24 Version: 1 Title: CVE-2017-12836 on Ubuntu 16.04 LTS (xenial) - medium. Description: CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar." Family: unix Class: vulnerability Status: Reference(s): CVE-2017-12836 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND cvs package in xenial was vulnerable but has been fixed (note: '2:1.12.13+real-15ubuntu0.1').
BACK