FS#52546 - [nginx] [Security] privilege escalation (CVE-2016-1247)
Attached to Project:
Arch Linux
Opened by Levente Polyak (anthraxx) - Saturday, 14 January 2017, 17:18 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Sunday, 15 January 2017, 13:03 GMT
Opened by Levente Polyak (anthraxx) - Saturday, 14 January 2017, 17:18 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Sunday, 15 January 2017, 13:03 GMT
|
Details
Summary
======= The package nginx is vulnerable to privilege escalation via CVE-2016-1247. Guidance ======== The current permission setup on /var/log/nginx/ allows the privilege escalation to happen. We should adapt (like nearly all distros). > ls -ld /var/log/nginx drwxr-x--- 2 http log 4096 Jan 8 00:00 /var/log/nginx To mitigate this issue, this should be: > ls -ld /var/log/nginx drwxr-xr-x 2 root root 20480 Jan 14 06:25 /var/log/nginx/ References ========== https://security.archlinux.org/AVG-138 https://security.archlinux.org/CVE-2016-1247 https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html |
This task depends upon
Closed by Bartłomiej Piotrowski (Barthalion)
Sunday, 15 January 2017, 13:03 GMT
Reason for closing: Fixed
Additional comments about closing: nginx 1.10.2-3
Sunday, 15 January 2017, 13:03 GMT
Reason for closing: Fixed
Additional comments about closing: nginx 1.10.2-3