DSA-4415 passenger - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
An arbitrary file read vulnerability was discovered in passenger, a webapplication server. A local user allowed to deploy an application topassenger, can take advantage of this flaw by creating a symlink fromthe REVISION file to an arbitrary file on the system and have itscontent displayed through passenger-status.
More info:
https://www.debian.org/security/2019/dsa-4415 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2017-16355 and DSA-4415. |