Oval Definition:	oval:com.ubuntu.xenial:def:20179735000
Revision Date: 2017-06-16 Version: 1 Title: CVE-2017-9735 on Ubuntu 16.04 LTS (xenial) - medium. Description: Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-9735 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information The 'jetty' package in xenial was vulnerable but has been fixed (note: '6.1.26-5ubuntu0.1'). OR The 'jetty8' package in xenial is affected and needs fixing. OR The 'jetty9' package in xenial is affected and needs fixing.
BACK