Oval Definition:oval:org.opensuse.security:def:201716661
Revision Date:2022-06-30Version:1
Title:CVE-2017-16661
Description:

Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-16661
openSUSE-SU-2017:3051-1
Mitre CVE-2017-16661
SUSE CVE-2017-16661
openSUSE-SU-2017:3051-1
Platform(s):openSUSE Leap 42.2
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Package Hub for SUSE Linux Enterprise 12
Product(s):
Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • cacti-1.1.28-16.13.1 is installed
  • AND cacti is signed with openSUSE key
  • OR
  • cacti-doc-1.1.28-16.13.1 is installed
  • AND cacti-doc is signed with openSUSE key
  • OR
  • cacti-spine-1.1.28-7.13.1 is installed
  • AND cacti-spine is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • cacti-1.1.28-29 is installed
  • AND cacti is signed with openSUSE key
  • OR
  • cacti-doc-1.1.28-29 is installed
  • AND cacti-doc is signed with openSUSE key
  • OR
  • cacti-spine-1.1.28-20 is installed
  • AND cacti-spine is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • cacti-1.1.38-2 is installed
  • OR cacti-doc-1.1.38-2 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND cacti-1.2.18-1.2 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • cacti-1.1.38-2.1 is installed
  • OR cacti-doc-1.1.38-2.1 is installed
    • BACK