Oval Definition:oval:com.ubuntu.xenial:def:201716664000
Revision Date:2017-11-21Version:1
Title:CVE-2017-16664 on Ubuntu 16.04 LTS (xenial) - medium.
Description:Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-16664
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The 'otrs2' package in xenial is affected and needs fixing.
  • BACK