Oval Definition:	oval:org.opensuse.security:def:20161247
Revision Date: 2022-06-30 Version: 1 Title: CVE-2016-1247 Description: The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2016-1247 SUSE CVE-2016-1247 Platform(s): openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND nginx is not affected Definition Synopsis openSUSE Tumbleweed is installed AND Package Information ruby2.7-rubygem-passenger-6.0.8-3.2 is installed OR ruby3.0-rubygem-passenger-6.0.8-3.2 is installed OR rubygem-passenger-6.0.8-3.2 is installed OR rubygem-passenger-apache2-6.0.8-3.2 is installed OR rubygem-passenger-nginx-6.0.8-3.2 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15 SP1 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed OR SUSE Linux Enterprise Server 15 SP1 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed OR SUSE Linux Enterprise Storage 6 is installed OR SUSE Manager Proxy 4.0 is installed OR SUSE Manager Retail Branch Server 4.0 is installed OR SUSE Manager Server 4.0 is installed AND nginx is not affected
BACK