Date: Tue, 17 May 2016 01:27:14 +0000 From: Yusaku Sako <yusaku@...tonworks.com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: [CVE-2016-0731] Apache Ambari: Ambari File Browser View security vulnerability CVE-2016-0731: Ambari File Browser View security vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: 1.7.0 to 2.2.0 Versions Fixed: 2.2.1 Description: Ambari File Browser View, depending on how it is configured, allows an Ambari admin user to gain access to Ambari Server's local file system. Mitigation: Ambari users should upgrade to versions 2.2.1 or above. Reference: https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ