This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201701-22
(NGINX: Privilege escalation)
It was discovered that Gentoo’s default NGINX installation applied
similar problematic permissions on “/var/log/nginx” as Debian
(DSA-3701) and is therefore vulnerable to the same attack described in
A local attacker, who either is already NGINX’s system user or belongs
to NGINX’s group, could potentially escalate privileges.
Ensure that no untrusted user can create files in directories which are
used by NGINX (or an NGINX vhost) to store log files.
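One way to verify the workaround above, as an added example that is not part of the original advisory or of Gentoo's tooling. It assumes that only uid 0 and gid 0 are trusted to create files in a log directory, and the function names are hypothetical.

```python
import os
import stat
import sys

TRUSTED_UIDS = {0}  # assumption: only root should own NGINX log directories
TRUSTED_GIDS = {0}  # assumption: only the root group may have write access


def findings_for(mode, uid, gid):
    """Reasons why a directory with this mode and owner lets untrusted users create files."""
    reasons = []
    if uid not in TRUSTED_UIDS:
        # The owner can always chmod the directory, so the mode bits do not matter here.
        reasons.append(f"owned by untrusted uid {uid}")
    group_wx = stat.S_IWGRP | stat.S_IXGRP
    if gid not in TRUSTED_GIDS and (mode & group_wx) == group_wx:
        reasons.append(f"group gid {gid} can create files")
    other_wx = stat.S_IWOTH | stat.S_IXOTH
    if (mode & other_wx) == other_wx:
        # The sticky bit restricts deletion and renaming, not creation.
        reasons.append("world-writable: any local user can create files")
    return reasons


def audit_dir(path):
    """Stat one log directory and return its findings (empty list means no finding)."""
    try:
        st = os.stat(path)
    except OSError as exc:
        return [f"cannot stat: {exc.strerror}"]
    if not stat.S_ISDIR(st.st_mode):
        return ["not a directory"]
    return findings_for(stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid)


def main(argv):
    # Default path is the one named in the advisory; pass vhost log directories as arguments.
    paths = argv[1:] or ["/var/log/nginx"]
    failed = False
    for path in paths:
        reasons = audit_dir(path)
        failed = failed or bool(reasons)
        print(f"{path}: {'; '.join(reasons) if reasons else 'ok'}")
    return 1 if failed else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The script exits non-zero when any listed directory has a finding, so it can run from a configuration-management check.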
See also :
All NGINX users should upgrade to the latest ebuild revision:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-servers/nginx-1.10.2-r3'
Risk factor :
High / CVSS Base Score : 7.2