CVE-2016-10345

Published: Apr 18, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441

x_refsource_CONFIRM

https://github.com/phusion/passenger/blob/stable-5.1/CHANGELOG

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-10345

Description

Affected Products

References