SUSE CVE-2016-4444

The allowexecmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function...

CVE-2016-4444

creationtimestamp| type| source ---|---|--- 2019-08-02 07:51:35+00:00| seen| MISP/5d43eb5f-8f68-478d-ac49-08ec0a00020f...

CVE-2016-4444

The allowexecmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function...

CVE-2016-4444

CVE-2016-4444 details (from provided docs): The vulnerability affects the setroubleshoot ecosystem (the setroubleshoot package and its setroubleshoot-plugins) where an execmod denial can be triggered by crafting a binary filename. This allows a local user to execute arbitrary commands via the SEL...

RHEL 7 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1293)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1293 advisory. The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache AVC messages are returned, an alert ca...

CentOS 7 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1293)

An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL6.x i386/x86_64 (20160621)

The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. Security Fixes : - Shell command injection...

Oracle Linux 7 : setroubleshoot / and / setroubleshoot-plugins (ELSA-2016-1293)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1293 advisory. setroubleshoot 3.2.24-4.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.2.24-4 - Catch all subproces...

RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1293-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

setroubleshoot and setroubleshoot-plugins security update

setroubleshoot 3.2.24-4.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.2.24-4 - Catch all subprocess module exceptions 3.2.24-3 - Use subprocess.checkoutput with a sequence of program arguments 3.2.24-2 - Do not use dangerous shell=True...

RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1267-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 : setroubleshoot / and / setroubleshoot-plugins (ELSA-2016-1267)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1267 advisory. - Don't use command.getoutput Resolves: CVE-2016-4445 setroubleshoot-plugins Tenable has extracted the preceding description block directly from the...

CentOS 6 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1267)

An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 6 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1267)

An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CentOS Update for setroubleshoot CESA-2016:1267 centos6

Check the version of setroubleshoot SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882509";...

Important: Red Hat Security Advisory: setroubleshoot and setroubleshoot-plugins security update

An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2016-4444

A shell command injection flaw was found in the way the setroubleshoot allowexecmod plugin executed external commands. A local attacker able to trigger an execmod SELinux denial could use this flaw to execute arbitrary code with root privileges...

setroubleshoot and setroubleshoot-plugins security update

setroubleshoot 3.0.47-12.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.0.47-12 - Don't use command.getoutput Resolves: CVE-2016-4445 setroubleshoot-plugins 3.0.40-3.1.0.1 - Add setroubleshoot-plugins-oracle-enterprise.patch 3.0.40-3.1 - Don't u...