3 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux-policy when sysctl fs.protectedhardlinks are set to 0 allows local users to cause a denial of service SSH login prevention by creating a hardlink to...
RHEL 7 : selinux-policy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - selinux-policy: policy package update causes denial of service CVE-2015-3170 Note that Nessus has not tested for th...
CVE-2015-3170
CVE-2015-3170 describes a local denial-of-service in SELinux policy handling. The issue lies in the policy when sysctl fs.protected_hardlinks is set to 0, allowing a local user to create a hardlink to /etc/passwd from a directory named .config and then update selinux-policy, which prevents SSH lo...