ID CESA-2016:1267 Type centos Reporter CentOS Project Modified 2016-06-21T19:07:49
Description
CentOS Errata and Security Advisory CESA-2016:1267
The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution.
The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.
Security Fix(es):
Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)
Shell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4444, CVE-2016-4446)
The CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were discovered by Red Hat Product Security.
Merged security bulletin from advisories:
http://lists.centos.org/pipermail/centos-announce/2016-June/033951.html
http://lists.centos.org/pipermail/centos-announce/2016-June/033952.html
{"bulletinFamily": "unix", "affectedPackage": [{"OS": "CentOS", "packageVersion": "3.0.40-3.1.el6_8", "packageFilename": "setroubleshoot-plugins-3.0.40-3.1.el6_8.noarch.rpm", "packageName": "setroubleshoot-plugins", "operator": "lt", "arch": "noarch", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.40-3.1.el6_8", "packageFilename": "setroubleshoot-plugins-3.0.40-3.1.el6_8.noarch.rpm", "packageName": "setroubleshoot-plugins", "operator": "lt", "arch": "noarch", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.47-12.el6_8", "packageFilename": "setroubleshoot-server-3.0.47-12.el6_8.x86_64.rpm", "packageName": "setroubleshoot-server", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.47-12.el6_8", "packageFilename": "setroubleshoot-3.0.47-12.el6_8.x86_64.rpm", "packageName": "setroubleshoot", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.47-12.el6_8", "packageFilename": "setroubleshoot-3.0.47-12.el6_8.src.rpm", "packageName": "setroubleshoot", "operator": "lt", "arch": "any", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.47-12.el6_8", "packageFilename": "setroubleshoot-doc-3.0.47-12.el6_8.i686.rpm", "packageName": "setroubleshoot-doc", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.40-3.1.el6_8", "packageFilename": "setroubleshoot-plugins-3.0.40-3.1.el6_8.src.rpm", "packageName": "setroubleshoot-plugins", "operator": "lt", "arch": "any", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.47-12.el6_8", "packageFilename": "setroubleshoot-3.0.47-12.el6_8.i686.rpm", "packageName": "setroubleshoot", "operator": "lt", "arch": "i686", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.47-12.el6_8", "packageFilename": "setroubleshoot-doc-3.0.47-12.el6_8.x86_64.rpm", "packageName": "setroubleshoot-doc", "operator": "lt", "arch": "x86_64", "OSVersion": "6"}, {"OS": "CentOS", "packageVersion": "3.0.47-12.el6_8", "packageFilename": "setroubleshoot-server-3.0.47-12.el6_8.i686.rpm", "packageName": "setroubleshoot-server", "operator": "lt", "arch": "i686", "OSVersion": "6"}], "viewCount": 3, "reporter": "CentOS Project", "references": ["http://steadfast.net/", "https://rhn.redhat.com/errata/RHSA-2016-1267.html"], "description": "**CentOS Errata and Security Advisory** CESA-2016:1267\n\n\nThe setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n* Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were discovered by Red Hat Product Security.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-June/033951.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-June/033952.html\n\n**Affected packages:**\nsetroubleshoot\nsetroubleshoot-doc\nsetroubleshoot-plugins\nsetroubleshoot-server\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-1267.html", "href": "http://lists.centos.org/pipermail/centos-announce/2016-June/033951.html", "modified": "2016-06-21T19:07:49", "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["SOL94110161", "F5:K94110161"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310871632", "OPENVAS:1361412562311220161033", "OPENVAS:1361412562310871631", "OPENVAS:1361412562310882510", "OPENVAS:1361412562310808480", "OPENVAS:1361412562310882508", "OPENVAS:1361412562310808519", "OPENVAS:1361412562310882512", "OPENVAS:1361412562310882509", "OPENVAS:1361412562310808527"]}, {"type": "nessus", "idList": ["SL_20160623_SETROUBLESHOOT_AND_SETROUBLESHOOT_PLUGINS_ON_SL7_X.NASL", "REDHAT-RHSA-2016-1293.NASL", "ORACLELINUX_ELSA-2016-1293.NASL", "CENTOS_RHSA-2016-1293.NASL", "EULEROS_SA-2016-1033.NASL", "SL_20160621_SETROUBLESHOOT_AND_SETROUBLESHOOT_PLUGINS_ON_SL6_X.NASL", "REDHAT-RHSA-2016-1267.NASL", "FEDORA_2016-F597359BF2.NASL", "ORACLELINUX_ELSA-2016-1267.NASL", "CENTOS_RHSA-2016-1267.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-1293", "ELSA-2016-1267"]}, {"type": "redhat", "idList": ["RHSA-2016:1267", "RHSA-2016:1293"]}, {"type": "cve", "idList": ["CVE-2016-4445", "CVE-2016-4989", "CVE-2016-4444", "CVE-2016-4446"]}, {"type": "centos", "idList": ["CESA-2016:1293"]}, {"type": "fedora", "idList": ["FEDORA:D2E6C6085AEF", "FEDORA:D77B7601FBF3", "FEDORA:84A26607970B", "FEDORA:67B33601F376", "FEDORA:5F7F76074A47"]}], "modified": "2019-12-20T18:24:01", "rev": 2}, "score": {"value": 6.9, "vector": "NONE", "modified": "2019-12-20T18:24:01", "rev": 2}, "vulnersScore": 6.9}, "id": "CESA-2016:1267", "title": "setroubleshoot security update", "edition": 3, "published": "2016-06-21T19:07:23", "type": "centos", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "lastseen": "2019-12-20T18:24:01", "scheme": null}
{"f5": [{"lastseen": "2019-04-30T18:21:26", "bulletinFamily": "software", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2017-04-27T18:12:00", "published": "2016-07-14T00:38:00", "id": "F5:K94110161", "href": "https://support.f5.com/csp/article/K94110161", "title": "Red Hat shell command injection flaw vulnerabilities CVE-2016-4444, CVE-2016-4445, CVE-2016-4446, and CVE-2016-4989", "type": "f5", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:25", "bulletinFamily": "software", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "edition": 1, "modified": "2016-07-13T00:00:00", "published": "2016-07-13T00:00:00", "id": "SOL94110161", "href": "http://support.f5.com/kb/en-us/solutions/public/k/94/sol94110161.html", "type": "f5", "title": "SOL94110161 - Red Hat shell command injection flaw vulnerabilities CVE-2016-4444, CVE-2016-4445, CVE-2016-4446, and CVE-2016-4989", "cvss": {"score": 0.0, "vector": "NONE"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:56", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "setroubleshoot\n[3.0.47-12.0.1]\n- Add setroubleshoot-oracle-enterprise.patch to change bug reporting\n URL to linux.oracle.com\n[3.0.47-12]\n- Don't use command.get*output()\nResolves: CVE-2016-4445\nsetroubleshoot-plugins\n[3.0.40-3.1.0.1]\n- Add setroubleshoot-plugins-oracle-enterprise.patch\n[3.0.40-3.1]\n- Don't use commands.get*output()\nResolves: CVE-2016-4444, CVE-2016-4446", "edition": 4, "modified": "2016-06-21T00:00:00", "published": "2016-06-21T00:00:00", "id": "ELSA-2016-1267", "href": "http://linux.oracle.com/errata/ELSA-2016-1267.html", "title": "setroubleshoot and setroubleshoot-plugins security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:27", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "setroubleshoot\n[3.2.24-4.0.1]\n- Add setroubleshoot-oracle-enterprise.patch to change bug reporting\n URL to linux.oracle.com\n[3.2.24-4]\n- Catch all subprocess module exceptions\n[3.2.24-3]\n- Use subprocess.check_output() with a sequence of program arguments\n[3.2.24-2]\n- Do not use dangerous shell=True\nsetroubleshoot-plugins\n[3.0.59-2.0.1]\n- Add setroubleshoot-plugins-oracle-config.patch to use oracle url\n- Add setroubleshoot-plugins-oracle-po.patch to use oracle url for po\n[3.0.59-2]\n- Don't use commands.get*output()\nResolves: CVE-2016-4444, CVE-2016-4446", "edition": 4, "modified": "2016-06-23T00:00:00", "published": "2016-06-23T00:00:00", "id": "ELSA-2016-1293", "href": "http://linux.oracle.com/errata/ELSA-2016-1293.html", "title": "setroubleshoot and setroubleshoot-plugins security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:59", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4444", "CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4989"], "description": "The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n* Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were discovered by Red Hat Product Security.", "modified": "2018-06-06T20:24:17", "published": "2016-06-21T22:14:05", "id": "RHSA-2016:1267", "href": "https://access.redhat.com/errata/RHSA-2016:1267", "type": "redhat", "title": "(RHSA-2016:1267) Important: setroubleshoot and setroubleshoot-plugins security update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:56", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4444", "CVE-2016-4446", "CVE-2016-4989"], "description": "The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n* Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with privileges of the setroubleshoot user. (CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with privileges of the setroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat Product Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is run with root privileges. Therefore, these issues could allow an attacker to execute arbitrary code with root privileges.", "modified": "2018-04-12T03:32:08", "published": "2016-06-23T12:21:29", "id": "RHSA-2016:1293", "href": "https://access.redhat.com/errata/RHSA-2016:1293", "type": "redhat", "title": "(RHSA-2016:1293) Important: setroubleshoot and setroubleshoot-plugins security update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-06T09:30:41", "description": "An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.", "edition": 32, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-22T00:00:00", "title": "CentOS 6 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1267)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2016-06-22T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:setroubleshoot", "p-cpe:/a:centos:centos:setroubleshoot-plugins", "p-cpe:/a:centos:centos:setroubleshoot-doc", "p-cpe:/a:centos:centos:setroubleshoot-server"], "id": "CENTOS_RHSA-2016-1267.NASL", "href": "https://www.tenable.com/plugins/nessus/91732", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1267 and \n# CentOS Errata and Security Advisory 2016:1267 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91732);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4445\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_xref(name:\"RHSA\", value:\"2016:1267\");\n\n script_name(english:\"CentOS 6 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1267)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-June/021913.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06b15c47\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-June/021914.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f796127\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected setroubleshoot and / or setroubleshoot-plugins\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4444\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:setroubleshoot-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"setroubleshoot-3.0.47-12.el6_8\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"setroubleshoot-doc-3.0.47-12.el6_8\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"setroubleshoot-plugins-3.0.40-3.1.el6_8\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"setroubleshoot-server-3.0.47-12.el6_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-doc / setroubleshoot-plugins / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:50:42", "description": "From Red Hat Security Advisory 2016:1267 :\n\nAn update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.", "edition": 27, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-22T00:00:00", "title": "Oracle Linux 6 : setroubleshoot / setroubleshoot-plugins (ELSA-2016-1267)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2016-06-22T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:setroubleshoot-plugins", "p-cpe:/a:oracle:linux:setroubleshoot-server", "p-cpe:/a:oracle:linux:setroubleshoot-doc", "p-cpe:/a:oracle:linux:setroubleshoot"], "id": "ORACLELINUX_ELSA-2016-1267.NASL", "href": "https://www.tenable.com/plugins/nessus/91737", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:1267 and \n# Oracle Linux Security Advisory ELSA-2016-1267 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91737);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4445\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_xref(name:\"RHSA\", value:\"2016:1267\");\n\n script_name(english:\"Oracle Linux 6 : setroubleshoot / setroubleshoot-plugins (ELSA-2016-1267)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:1267 :\n\nAn update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-June/006126.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected setroubleshoot and / or setroubleshoot-plugins\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:setroubleshoot-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"setroubleshoot-3.0.47-12.0.1.el6_8\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"setroubleshoot-doc-3.0.47-12.0.1.el6_8\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"setroubleshoot-plugins-3.0.40-3.1.0.1.el6_8\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"setroubleshoot-server-3.0.47-12.0.1.el6_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-doc / setroubleshoot-plugins / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:49:18", "description": "The setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n - Shell command injection flaws were found in the way the\n setroubleshoot executed external commands. A local\n attacker able to trigger certain SELinux denials could\n use these flaws to execute arbitrary code with root\n privileges. (CVE-2016-4445, CVE-2016-4989)\n\n - Shell command injection flaws were found in the way the\n setroubleshoot allow_execmod and allow_execstack plugins\n executed external commands. A local attacker able to\n trigger an execmod or execstack SELinux denial could use\n these flaws to execute arbitrary code with root\n privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.", "edition": 17, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-24T00:00:00", "title": "Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL6.x i386/x86_64 (20160621)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2016-06-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:setroubleshoot-server", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:setroubleshoot-plugins", "p-cpe:/a:fermilab:scientific_linux:setroubleshoot-doc", "p-cpe:/a:fermilab:scientific_linux:setroubleshoot-debuginfo", "p-cpe:/a:fermilab:scientific_linux:setroubleshoot"], "id": "SL_20160621_SETROUBLESHOOT_AND_SETROUBLESHOOT_PLUGINS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/91806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91806);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4445\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n\n script_name(english:\"Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL6.x i386/x86_64 (20160621)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n - Shell command injection flaws were found in the way the\n setroubleshoot executed external commands. A local\n attacker able to trigger certain SELinux denials could\n use these flaws to execute arbitrary code with root\n privileges. (CVE-2016-4445, CVE-2016-4989)\n\n - Shell command injection flaws were found in the way the\n setroubleshoot allow_execmod and allow_execstack plugins\n executed external commands. A local attacker able to\n trigger an execmod or execstack SELinux denial could use\n these flaws to execute arbitrary code with root\n privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1606&L=scientific-linux-errata&F=&S=&P=7583\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2cda81b0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"setroubleshoot-3.0.47-12.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"setroubleshoot-debuginfo-3.0.47-12.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"setroubleshoot-doc-3.0.47-12.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"setroubleshoot-plugins-3.0.40-3.1.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"setroubleshoot-server-3.0.47-12.el6_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-debuginfo / setroubleshoot-doc / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T05:33:16", "description": "An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.", "edition": 29, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-22T00:00:00", "title": "RHEL 6 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1267)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:setroubleshoot-debuginfo", "p-cpe:/a:redhat:enterprise_linux:setroubleshoot", "p-cpe:/a:redhat:enterprise_linux:setroubleshoot-plugins", "p-cpe:/a:redhat:enterprise_linux:setroubleshoot-server", "p-cpe:/a:redhat:enterprise_linux:setroubleshoot-doc", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-1267.NASL", "href": "https://www.tenable.com/plugins/nessus/91757", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1267. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91757);\n script_version(\"2.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:41\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4445\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_xref(name:\"RHSA\", value:\"2016:1267\");\n\n script_name(english:\"RHEL 6 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1267)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with root privileges. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were\ndiscovered by Red Hat Product Security.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:1267\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4989\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:1267\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"setroubleshoot-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"setroubleshoot-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"setroubleshoot-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"setroubleshoot-debuginfo-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"setroubleshoot-debuginfo-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"setroubleshoot-debuginfo-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"setroubleshoot-doc-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"setroubleshoot-doc-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"setroubleshoot-doc-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"setroubleshoot-plugins-3.0.40-3.1.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"setroubleshoot-server-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"setroubleshoot-server-3.0.47-12.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"setroubleshoot-server-3.0.47-12.el6_8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-debuginfo / setroubleshoot-doc / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T08:51:42", "description": "According to the versions of the setroubleshoot,\nsetroubleshoot-plugins packages installed, the EulerOS installation\non the remote host is affected by the following vulnerabilities :\n\n - The setroubleshoot packages provide tools to help\n diagnose SELinux problems. When Access Vector Cache\n (AVC) messages are returned, an alert can be generated\n that provides information about the problem and helps\n to track its resolution.\n\n - The setroubleshoot-plugins package provides a set of\n analysis plugins for use with setroubleshoot. Each\n plugin has the capacity to analyze SELinux AVC data and\n system data to provide user friendly reports describing\n how to interpret SELinux AVC denials.\n\n - Security Fix(es)i1/4s\n\n - Shell command injection flaws were found in the way the\n setroubleshoot executed external commands. A local\n attacker able to trigger certain SELinux denials could\n use these flaws to execute arbitrary code with\n privileges of the setroubleshoot user.(CVE-2016-4989)\n\n - Shell command injection flaws were found in the way the\n setroubleshoot allow_execmod and allow_execstack\n plugins executed external commands. A local attacker\n able to trigger an execmod or execstack SELinux denial\n could use these flaws to execute arbitrary code with\n privileges of the setroubleshoot user.\n (CVE-2016-4444,CVE-2016-4446)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-01T00:00:00", "title": "EulerOS 2.0 SP1 : setroubleshoot, setroubleshoot-plugins (EulerOS-SA-2016-1033)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2017-05-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:setroubleshoot-plugins", "p-cpe:/a:huawei:euleros:setroubleshoot", "p-cpe:/a:huawei:euleros:setroubleshoot-server", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2016-1033.NASL", "href": "https://www.tenable.com/plugins/nessus/99796", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99796);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-4444\",\n \"CVE-2016-4446\",\n \"CVE-2016-4989\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : setroubleshoot, setroubleshoot-plugins (EulerOS-SA-2016-1033)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the setroubleshoot,\nsetroubleshoot-plugins packages installed, the EulerOS installation\non the remote host is affected by the following vulnerabilities :\n\n - The setroubleshoot packages provide tools to help\n diagnose SELinux problems. When Access Vector Cache\n (AVC) messages are returned, an alert can be generated\n that provides information about the problem and helps\n to track its resolution.\n\n - The setroubleshoot-plugins package provides a set of\n analysis plugins for use with setroubleshoot. Each\n plugin has the capacity to analyze SELinux AVC data and\n system data to provide user friendly reports describing\n how to interpret SELinux AVC denials.\n\n - Security Fix(es)i1/4s\n\n - Shell command injection flaws were found in the way the\n setroubleshoot executed external commands. A local\n attacker able to trigger certain SELinux denials could\n use these flaws to execute arbitrary code with\n privileges of the setroubleshoot user.(CVE-2016-4989)\n\n - Shell command injection flaws were found in the way the\n setroubleshoot allow_execmod and allow_execstack\n plugins executed external commands. A local attacker\n able to trigger an execmod or execstack SELinux denial\n could use these flaws to execute arbitrary code with\n privileges of the setroubleshoot user.\n (CVE-2016-4444,CVE-2016-4446)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1033\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4dea1151\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected setroubleshoot, setroubleshoot-plugins packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"setroubleshoot-3.2.24-4\",\n \"setroubleshoot-plugins-3.0.59-2\",\n \"setroubleshoot-server-3.2.24-4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot, setroubleshoot-plugins\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:50:43", "description": "From Red Hat Security Advisory 2016:1293 :\n\nAn update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with privileges of the setroubleshoot user.\n(CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with privileges of the setroubleshoot user. (CVE-2016-4444,\nCVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is\nrun with root privileges. Therefore, these issues could allow an\nattacker to execute arbitrary code with root privileges.", "edition": 27, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-24T00:00:00", "title": "Oracle Linux 7 : setroubleshoot / setroubleshoot-plugins (ELSA-2016-1293)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2016-06-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:setroubleshoot-plugins", "p-cpe:/a:oracle:linux:setroubleshoot-server", "p-cpe:/a:oracle:linux:setroubleshoot", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2016-1293.NASL", "href": "https://www.tenable.com/plugins/nessus/91798", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:1293 and \n# Oracle Linux Security Advisory ELSA-2016-1293 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91798);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_xref(name:\"RHSA\", value:\"2016:1293\");\n\n script_name(english:\"Oracle Linux 7 : setroubleshoot / setroubleshoot-plugins (ELSA-2016-1293)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:1293 :\n\nAn update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with privileges of the setroubleshoot user.\n(CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with privileges of the setroubleshoot user. (CVE-2016-4444,\nCVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is\nrun with root privileges. Therefore, these issues could allow an\nattacker to execute arbitrary code with root privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-June/006138.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected setroubleshoot and / or setroubleshoot-plugins\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"setroubleshoot-3.2.24-4.0.1.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"setroubleshoot-plugins-3.0.59-2.0.1.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"setroubleshoot-server-3.2.24-4.0.1.el7_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-plugins / setroubleshoot-server\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:49:18", "description": "The setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n - Shell command injection flaws were found in the way the\n setroubleshoot executed external commands. A local\n attacker able to trigger certain SELinux denials could\n use these flaws to execute arbitrary code with\n privileges of the setroubleshoot user. (CVE-2016-4989)\n\n - Shell command injection flaws were found in the way the\n setroubleshoot allow_execmod and allow_execstack plugins\n executed external commands. A local attacker able to\n trigger an execmod or execstack SELinux denial could use\n these flaws to execute arbitrary code with privileges of\n the setroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Scientific Linux 7.0 and 7.1, the setroubleshoot is run with\nroot privileges. Therefore, these issues could allow an attacker to\nexecute arbitrary code with root privileges.", "edition": 17, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-24T00:00:00", "title": "Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL7.x x86_64 (20160623)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2016-06-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:setroubleshoot-server", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:setroubleshoot-plugins", "p-cpe:/a:fermilab:scientific_linux:setroubleshoot-debuginfo", "p-cpe:/a:fermilab:scientific_linux:setroubleshoot"], "id": "SL_20160623_SETROUBLESHOOT_AND_SETROUBLESHOOT_PLUGINS_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/91809", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91809);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n\n script_name(english:\"Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL7.x x86_64 (20160623)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n - Shell command injection flaws were found in the way the\n setroubleshoot executed external commands. A local\n attacker able to trigger certain SELinux denials could\n use these flaws to execute arbitrary code with\n privileges of the setroubleshoot user. (CVE-2016-4989)\n\n - Shell command injection flaws were found in the way the\n setroubleshoot allow_execmod and allow_execstack plugins\n executed external commands. A local attacker able to\n trigger an execmod or execstack SELinux denial could use\n these flaws to execute arbitrary code with privileges of\n the setroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Scientific Linux 7.0 and 7.1, the setroubleshoot is run with\nroot privileges. Therefore, these issues could allow an attacker to\nexecute arbitrary code with root privileges.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1606&L=scientific-linux-errata&F=&S=&P=7157\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c8329df\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"setroubleshoot-3.2.24-4.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"setroubleshoot-debuginfo-3.2.24-4.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"setroubleshoot-plugins-3.0.59-2.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"setroubleshoot-server-3.2.24-4.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-debuginfo / setroubleshoot-plugins / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T05:33:16", "description": "An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with privileges of the setroubleshoot user.\n(CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with privileges of the setroubleshoot user. (CVE-2016-4444,\nCVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is\nrun with root privileges. Therefore, these issues could allow an\nattacker to execute arbitrary code with root privileges.", "edition": 30, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-24T00:00:00", "title": "RHEL 7 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1293)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:setroubleshoot-debuginfo", "p-cpe:/a:redhat:enterprise_linux:setroubleshoot", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:setroubleshoot-plugins", "p-cpe:/a:redhat:enterprise_linux:setroubleshoot-server", "cpe:/o:redhat:enterprise_linux:7.7", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2016-1293.NASL", "href": "https://www.tenable.com/plugins/nessus/91803", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1293. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91803);\n script_version(\"2.13\");\n script_cvs_date(\"Date: 2019/10/24 15:35:41\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_xref(name:\"RHSA\", value:\"2016:1293\");\n\n script_name(english:\"RHEL 7 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1293)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with privileges of the setroubleshoot user.\n(CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with privileges of the setroubleshoot user. (CVE-2016-4444,\nCVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is\nrun with root privileges. Therefore, these issues could allow an\nattacker to execute arbitrary code with root privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:1293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4989\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:1293\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"setroubleshoot-3.2.24-4.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"setroubleshoot-3.2.24-4.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"setroubleshoot-debuginfo-3.2.24-4.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"setroubleshoot-debuginfo-3.2.24-4.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"setroubleshoot-plugins-3.0.59-2.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"setroubleshoot-server-3.2.24-4.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"setroubleshoot-server-3.2.24-4.el7_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-debuginfo / setroubleshoot-plugins / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:30:41", "description": "An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with privileges of the setroubleshoot user.\n(CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with privileges of the setroubleshoot user. (CVE-2016-4444,\nCVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is\nrun with root privileges. Therefore, these issues could allow an\nattacker to execute arbitrary code with root privileges.", "edition": 32, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-24T00:00:00", "title": "CentOS 7 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1293)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "modified": "2016-06-24T00:00:00", "cpe": ["cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:setroubleshoot", "p-cpe:/a:centos:centos:setroubleshoot-plugins", "p-cpe:/a:centos:centos:setroubleshoot-server"], "id": "CENTOS_RHSA-2016-1293.NASL", "href": "https://www.tenable.com/plugins/nessus/91787", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1293 and \n# CentOS Errata and Security Advisory 2016:1293 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91787);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_xref(name:\"RHSA\", value:\"2016:1293\");\n\n script_name(english:\"CentOS 7 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1293)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for setroubleshoot and setroubleshoot-plugins is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an\nalert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins\nfor use with setroubleshoot. Each plugin has the capacity to analyze\nSELinux AVC data and system data to provide user friendly reports\ndescribing how to interpret SELinux AVC denials.\n\nSecurity Fix(es) :\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot executed external commands. A local attacker able to\ntrigger certain SELinux denials could use these flaws to execute\narbitrary code with privileges of the setroubleshoot user.\n(CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the\nsetroubleshoot allow_execmod and allow_execstack plugins executed\nexternal commands. A local attacker able to trigger an execmod or\nexecstack SELinux denial could use these flaws to execute arbitrary\ncode with privileges of the setroubleshoot user. (CVE-2016-4444,\nCVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos\nMalik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat\nProduct Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is\nrun with root privileges. Therefore, these issues could allow an\nattacker to execute arbitrary code with root privileges.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-June/021939.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c44a8677\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-June/021940.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c77a5436\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected setroubleshoot and / or setroubleshoot-plugins\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4444\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:setroubleshoot-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:setroubleshoot-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"setroubleshoot-3.2.24-4.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"setroubleshoot-plugins-3.0.59-2.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"setroubleshoot-server-3.2.24-4.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot / setroubleshoot-plugins / setroubleshoot-server\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:15:03", "description": "Security fix for CVE-2016-4446\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 20, "cvss3": {"score": 7.0, "vector": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-15T00:00:00", "title": "Fedora 22 : setroubleshoot (2016-f597359bf2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446"], "modified": "2016-07-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:setroubleshoot", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-F597359BF2.NASL", "href": "https://www.tenable.com/plugins/nessus/92304", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-f597359bf2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92304);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4446\");\n script_xref(name:\"FEDORA\", value:\"2016-f597359bf2\");\n\n script_name(english:\"Fedora 22 : setroubleshoot (2016-f597359bf2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-4446\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-f597359bf2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected setroubleshoot package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:setroubleshoot\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"setroubleshoot-3.2.27.1-1.fc22\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"setroubleshoot\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:35:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "Check the version of setroubleshoot-plugins", "modified": "2019-03-08T00:00:00", "published": "2016-06-22T00:00:00", "id": "OPENVAS:1361412562310882508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882508", "type": "openvas", "title": "CentOS Update for setroubleshoot-plugins CESA-2016:1267 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for setroubleshoot-plugins CESA-2016:1267 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882508\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-22 05:28:52 +0200 (Wed, 22 Jun 2016)\");\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4445\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for setroubleshoot-plugins CESA-2016:1267 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of setroubleshoot-plugins\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an alert\ncan be generated that provides information about the problem and helps to\ntrack its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for\nuse with setroubleshoot. Each plugin has the capacity to analyze SELinux\nAVC data and system data to provide user friendly reports describing how to\ninterpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n * Shell command injection flaws were found in the way the setroubleshoot\nexecuted external commands. A local attacker able to trigger certain\nSELinux denials could use these flaws to execute arbitrary code with root\nprivileges. (CVE-2016-4445, CVE-2016-4989)\n\n * Shell command injection flaws were found in the way the setroubleshoot\nallow_execmod and allow_execstack plugins executed external commands. A\nlocal attacker able to trigger an execmod or execstack SELinux denial could\nuse these flaws to execute arbitrary code with root privileges.\n(CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik\n(Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were discovered by\nRed Hat Product Security.\");\n script_tag(name:\"affected\", value:\"setroubleshoot-plugins on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:1267\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-June/021913.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-plugins\", rpm:\"setroubleshoot-plugins~3.0.40~3.1.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "Check the version of setroubleshoot", "modified": "2019-03-08T00:00:00", "published": "2016-06-22T00:00:00", "id": "OPENVAS:1361412562310882509", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882509", "type": "openvas", "title": "CentOS Update for setroubleshoot CESA-2016:1267 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for setroubleshoot CESA-2016:1267 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882509\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-22 05:28:59 +0200 (Wed, 22 Jun 2016)\");\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4445\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for setroubleshoot CESA-2016:1267 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of setroubleshoot\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The setroubleshoot packages provide tools to help diagnose SELinux\nproblems. When Access Vector Cache (AVC) messages are returned, an alert\ncan be generated that provides information about the problem and helps to\ntrack its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for\nuse with setroubleshoot. Each plugin has the capacity to analyze SELinux\nAVC data and system data to provide user friendly reports describing how to\ninterpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n * Shell command injection flaws were found in the way the setroubleshoot\nexecuted external commands. A local attacker able to trigger certain\nSELinux denials could use these flaws to execute arbitrary code with root\nprivileges. (CVE-2016-4445, CVE-2016-4989)\n\n * Shell command injection flaws were found in the way the setroubleshoot\nallow_execmod and allow_execstack plugins executed external commands. A\nlocal attacker able to trigger an execmod or execstack SELinux denial could\nuse these flaws to execute arbitrary code with root privileges.\n(CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik\n(Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were discovered by\nRed Hat Product Security.\");\n script_tag(name:\"affected\", value:\"setroubleshoot on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:1267\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-June/021914.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot\", rpm:\"setroubleshoot~3.0.47~12.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-doc\", rpm:\"setroubleshoot-doc~3.0.47~12.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-server\", rpm:\"setroubleshoot-server~3.0.47~12.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4445", "CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-06-22T00:00:00", "id": "OPENVAS:1361412562310871631", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871631", "type": "openvas", "title": "RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1267-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1267-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871631\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-22 05:28:29 +0200 (Wed, 22 Jun 2016)\");\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4445\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1267-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'setroubleshoot and setroubleshoot-plugins'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The setroubleshoot packages provide tools to\nhelp diagnose SELinux problems. When Access Vector Cache (AVC) messages are\nreturned, an alert can be generated that provides information about the problem and\nhelps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for\nuse with setroubleshoot. Each plugin has the capacity to analyze SELinux\nAVC data and system data to provide user friendly reports describing how to\ninterpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n * Shell command injection flaws were found in the way the setroubleshoot\nexecuted external commands. A local attacker able to trigger certain\nSELinux denials could use these flaws to execute arbitrary code with root\nprivileges. (CVE-2016-4445, CVE-2016-4989)\n\n * Shell command injection flaws were found in the way the setroubleshoot\nallow_execmod and allow_execstack plugins executed external commands. A\nlocal attacker able to trigger an execmod or execstack SELinux denial could\nuse these flaws to execute arbitrary code with root privileges.\n(CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik\n(Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were discovered by\nRed Hat Product Security.\");\n script_tag(name:\"affected\", value:\"setroubleshoot and setroubleshoot-plugins\non Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:1267-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-June/msg00016.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot\", rpm:\"setroubleshoot~3.0.47~12.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-debuginfo\", rpm:\"setroubleshoot-debuginfo~3.0.47~12.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-server\", rpm:\"setroubleshoot-server~3.0.47~12.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-plugins\", rpm:\"setroubleshoot-plugins~3.0.40~3.1.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-06-24T00:00:00", "id": "OPENVAS:1361412562310871632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871632", "type": "openvas", "title": "RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1293-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1293-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871632\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-24 05:25:28 +0200 (Fri, 24 Jun 2016)\");\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1293-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'setroubleshoot and setroubleshoot-plugins'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The setroubleshoot packages provide tools\nto help diagnose SELinux problems. When Access Vector Cache (AVC) messages are\nreturned, an alert can be generated that provides information about the problem\nand helps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for\nuse with setroubleshoot. Each plugin has the capacity to analyze SELinux\nAVC data and system data to provide user friendly reports describing how to\ninterpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n * Shell command injection flaws were found in the way the setroubleshoot\nexecuted external commands. A local attacker able to trigger certain\nSELinux denials could use these flaws to execute arbitrary code with\nprivileges of the setroubleshoot user. (CVE-2016-4989)\n\n * Shell command injection flaws were found in the way the setroubleshoot\nallow_execmod and allow_execstack plugins executed external commands. A\nlocal attacker able to trigger an execmod or execstack SELinux denial could\nuse these flaws to execute arbitrary code with privileges of the\nsetroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik\n(Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat Product\nSecurity.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is run\nwith root privileges. Therefore, these issues could allow an attacker to\nexecute arbitrary code with root privileges.\");\n script_tag(name:\"affected\", value:\"setroubleshoot and setroubleshoot-plugins\n on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:1293-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-June/msg00023.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-plugins\", rpm:\"setroubleshoot-plugins~3.0.59~2.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot\", rpm:\"setroubleshoot~3.2.24~4.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-debuginfo\", rpm:\"setroubleshoot-debuginfo~3.2.24~4.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-server\", rpm:\"setroubleshoot-server~3.2.24~4.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "Check the version of setroubleshoot-plugins", "modified": "2019-03-08T00:00:00", "published": "2016-06-24T00:00:00", "id": "OPENVAS:1361412562310882510", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882510", "type": "openvas", "title": "CentOS Update for setroubleshoot-plugins CESA-2016:1293 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for setroubleshoot-plugins CESA-2016:1293 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882510\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-24 05:26:33 +0200 (Fri, 24 Jun 2016)\");\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for setroubleshoot-plugins CESA-2016:1293 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of setroubleshoot-plugins\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The setroubleshoot packages provide tools\nto help diagnose SELinux problems. When Access Vector Cache (AVC) messages are\nreturned, an alert can be generated that provides information about the problem\nand helps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for\nuse with setroubleshoot. Each plugin has the capacity to analyze SELinux\nAVC data and system data to provide user friendly reports describing how to\ninterpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n * Shell command injection flaws were found in the way the setroubleshoot\nexecuted external commands. A local attacker able to trigger certain\nSELinux denials could use these flaws to execute arbitrary code with\nprivileges of the setroubleshoot user. (CVE-2016-4989)\n\n * Shell command injection flaws were found in the way the setroubleshoot\nallow_execmod and allow_execstack plugins executed external commands. A\nlocal attacker able to trigger an execmod or execstack SELinux denial could\nuse these flaws to execute arbitrary code with privileges of the\nsetroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik\n(Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat Product\nSecurity.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is run\nwith root privileges. Therefore, these issues could allow an attacker to\nexecute arbitrary code with root privileges.\");\n script_tag(name:\"affected\", value:\"setroubleshoot-plugins on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:1293\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-June/021940.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-plugins\", rpm:\"setroubleshoot-plugins~3.0.59~2.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "Check the version of setroubleshoot", "modified": "2019-03-08T00:00:00", "published": "2016-06-24T00:00:00", "id": "OPENVAS:1361412562310882512", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882512", "type": "openvas", "title": "CentOS Update for setroubleshoot CESA-2016:1293 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for setroubleshoot CESA-2016:1293 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882512\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-24 05:26:43 +0200 (Fri, 24 Jun 2016)\");\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for setroubleshoot CESA-2016:1293 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of setroubleshoot\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The setroubleshoot packages provide tools\nto help diagnose SELinux problems. When Access Vector Cache (AVC) messages are\nreturned, an alert can be generated that provides information about the problem\nand helps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for\nuse with setroubleshoot. Each plugin has the capacity to analyze SELinux\nAVC data and system data to provide user friendly reports describing how to\ninterpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n * Shell command injection flaws were found in the way the setroubleshoot\nexecuted external commands. A local attacker able to trigger certain\nSELinux denials could use these flaws to execute arbitrary code with\nprivileges of the setroubleshoot user. (CVE-2016-4989)\n\n * Shell command injection flaws were found in the way the setroubleshoot\nallow_execmod and allow_execstack plugins executed external commands. A\nlocal attacker able to trigger an execmod or execstack SELinux denial could\nuse these flaws to execute arbitrary code with privileges of the\nsetroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik\n(Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat Product\nSecurity.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is run\nwith root privileges. Therefore, these issues could allow an attacker to\nexecute arbitrary code with root privileges.\");\n script_tag(name:\"affected\", value:\"setroubleshoot on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:1293\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-June/021939.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot\", rpm:\"setroubleshoot~3.2.24~4.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-server\", rpm:\"setroubleshoot-server~3.2.24~4.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:38:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161033", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for setroubleshoot, setroubleshoot-plugins (EulerOS-SA-2016-1033)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1033\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2016-4444\", \"CVE-2016-4446\", \"CVE-2016-4989\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:39:12 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for setroubleshoot, setroubleshoot-plugins (EulerOS-SA-2016-1033)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1033\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1033\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'setroubleshoot, setroubleshoot-plugins' package(s) announced via the EulerOS-SA-2016-1033 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with privileges of the setroubleshoot user.(CVE-2016-4989)\n\nShell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with privileges of the setroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\");\n\n script_tag(name:\"affected\", value:\"'setroubleshoot, setroubleshoot-plugins' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"setroubleshoot\", rpm:\"setroubleshoot~3.2.24~4\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"setroubleshoot-server\", rpm:\"setroubleshoot-server~3.2.24~4\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"setroubleshoot-plugins\", rpm:\"setroubleshoot-plugins~3.0.59~2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-06-24T00:00:00", "id": "OPENVAS:1361412562310808480", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808480", "type": "openvas", "title": "Fedora Update for setroubleshoot FEDORA-2016-047a86f5b1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for setroubleshoot FEDORA-2016-047a86f5b1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808480\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-24 06:38:08 +0200 (Fri, 24 Jun 2016)\");\n script_cve_id(\"CVE-2016-4446\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for setroubleshoot FEDORA-2016-047a86f5b1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'setroubleshoot'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"setroubleshoot on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-047a86f5b1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE2ZYZPCBO5TO5LHGH25LEL7R4RGLQUY\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot\", rpm:\"setroubleshoot~3.3.9.1~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-02T00:00:00", "id": "OPENVAS:1361412562310808527", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808527", "type": "openvas", "title": "Fedora Update for setroubleshoot FEDORA-2016-f597359bf2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for setroubleshoot FEDORA-2016-f597359bf2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808527\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-02 06:39:04 +0200 (Sat, 02 Jul 2016)\");\n script_cve_id(\"CVE-2016-4446\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for setroubleshoot FEDORA-2016-f597359bf2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'setroubleshoot'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"setroubleshoot on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-f597359bf2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PV4ZVU33B5W6HO3JMK75DCSIXSZ6VWHU\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot\", rpm:\"setroubleshoot~3.2.27.1~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4446"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808547", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808547", "type": "openvas", "title": "Fedora Update for setroubleshoot-plugins FEDORA-2016-b68f69b086", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for setroubleshoot-plugins FEDORA-2016-b68f69b086\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808547\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:18:46 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-4446\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for setroubleshoot-plugins FEDORA-2016-b68f69b086\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'setroubleshoot-plugins'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"setroubleshoot-plugins on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-b68f69b086\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6Y2EVY46UPSCZ6XDBCOKHTKKGCYTA6L\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"setroubleshoot-plugins\", rpm:\"setroubleshoot-plugins~3.3.5.1~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2021-02-02T06:28:07", "description": "The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.", "edition": 6, "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-11T18:59:00", "title": "CVE-2016-4446", "type": "cve", "cwe": ["CWE-77"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4446"], "modified": "2017-04-17T13:29:00", "cpe": ["cpe:/a:setroubleshoot_project:setroubleshoot:-", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_hpc_node:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0"], "id": "CVE-2016-4446", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4446", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:setroubleshoot_project:setroubleshoot:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:07", "description": "The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.", "edition": 6, "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-11T18:59:00", "title": "CVE-2016-4445", "type": "cve", "cwe": ["CWE-77"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4445"], "modified": "2017-04-17T13:16:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:setroubleshoot_project:setroubleshoot:3.2.22", "cpe:/o:redhat:enterprise_linux_hpc_node:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0"], "id": "CVE-2016-4445", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4445", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:setroubleshoot_project:setroubleshoot:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:08", "description": "setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.", "edition": 6, "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-11T18:59:00", "title": "CVE-2016-4989", "type": "cve", "cwe": ["CWE-77"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4989"], "modified": "2017-04-17T16:36:00", "cpe": ["cpe:/a:setroubleshoot_project:setroubleshoot:-", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_hpc_node:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0"], "id": "CVE-2016-4989", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4989", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:setroubleshoot_project:setroubleshoot:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:07", "description": "The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.", "edition": 6, "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-11T18:59:00", "title": "CVE-2016-4444", "type": "cve", "cwe": ["CWE-77"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4444"], "modified": "2017-04-17T12:47:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:setroubleshoot_project:setroubleshoot:3.2.22", "cpe:/o:redhat:enterprise_linux_hpc_node:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0"], "id": "CVE-2016-4444", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4444", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:setroubleshoot_project:setroubleshoot:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*"]}], "centos": [{"lastseen": "2019-12-20T18:28:38", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4446", "CVE-2016-4444", "CVE-2016-4989"], "description": "**CentOS Errata and Security Advisory** CESA-2016:1293\n\n\nThe setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution.\n\nThe setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.\n\nSecurity Fix(es):\n\n* Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with privileges of the setroubleshoot user. (CVE-2016-4989)\n\n* Shell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with privileges of the setroubleshoot user. (CVE-2016-4444, CVE-2016-4446)\n\nThe CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat Product Security.\n\nNote: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is run with root privileges. Therefore, these issues could allow an attacker to execute arbitrary code with root privileges.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-June/033977.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-June/033978.html\n\n**Affected packages:**\nsetroubleshoot\nsetroubleshoot-plugins\nsetroubleshoot-server\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-1293.html", "edition": 3, "modified": "2016-06-23T23:41:47", "published": "2016-06-23T23:41:47", "href": "http://lists.centos.org/pipermail/centos-announce/2016-June/033977.html", "id": "CESA-2016:1293", "title": "setroubleshoot security update", "type": "centos", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4446"], "description": "This package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. ", "modified": "2016-06-23T17:55:41", "published": "2016-06-23T17:55:41", "id": "FEDORA:5F7F76074A47", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: setroubleshoot-plugins-3.3.5.1-1.fc24", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4446"], "description": "setroubleshoot GUI. Application that allows you to view setroubleshoot-serv er messages. Provides tools to help diagnose SELinux problems. When AVC messages are generated an alert can be generated that will give information about the problem and help track its resolution. Alerts can be configured to user preference. The same tools can be run on existing log files. ", "modified": "2016-06-23T17:56:34", "published": "2016-06-23T17:56:34", "id": "FEDORA:67B33601F376", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: setroubleshoot-3.3.9.1-1.fc24", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4446"], "description": "setroubleshoot GUI. Application that allows you to view setroubleshoot-serv er messages. Provides tools to help diagnose SELinux problems. When AVC messages are generated an alert can be generated that will give information about the problem and help track its resolution. Alerts can be configured to user preference. The same tools can be run on existing log files. ", "modified": "2016-06-29T17:24:32", "published": "2016-06-29T17:24:32", "id": "FEDORA:D2E6C6085AEF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: setroubleshoot-3.3.9.1-1.fc23", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4446"], "description": "This package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. ", "modified": "2016-07-02T19:35:19", "published": "2016-07-02T19:35:19", "id": "FEDORA:D77B7601FBF3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: setroubleshoot-plugins-3.3.5.1-1.fc23", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4446"], "description": "setroubleshoot GUI. Application that allows you to view setroubleshoot-serv er messages. Provides tools to help diagnose SELinux problems. When AVC messages are generated an alert can be generated that will give information about the problem and help track its resolution. Alerts can be configured to user preference. The same tools can be run on existing log files. ", "modified": "2016-06-29T17:21:06", "published": "2016-06-29T17:21:06", "id": "FEDORA:84A26607970B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: setroubleshoot-3.2.27.1-1.fc22", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}]}
