Debian DSA-3701-1 : nginx - security update

High Nessus Plugin ID 94260

Synopsis

The remote Debian host is missing a security-related update.

Description

Dawid Golunski reported the nginx web server packages in Debian suffered from a privilege escalation vulnerability (www-data to root) due to the way log files are handled. This security update changes ownership of the /var/log/nginx directory root. In addition, /var/log/nginx has to be made accessible to local users, and local users may be able to read the log files themselves local until the next logrotate invocation.

Solution

Upgrade the nginx packages.

For the stable distribution (jessie), this problem has been fixed in version 1.6.2-5+deb8u3.

See Also

https://packages.debian.org/source/jessie/nginx

https://www.debian.org/security/2016/dsa-3701

Plugin Details

Severity: High

ID: 94260

File Name: debian_DSA-3701.nasl

Version: 1.6

Type: local

Agent: unix

Published: 2016/10/26

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:nginx, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/10/25

Reference Information

CVE: CVE-2016-1247

DSA: 3701