CVE-2016-1247 - log back

CVE-2016-1247 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Privilege escalation
Description
+ A symlink attack vulnerability was discovered in nginx. An attacker who could already run commands under the nginx user id could use this access to append data to files owned by root, potentially elevating their own privileges to root.
References
+ https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
Notes