22 matches found
CVE-2016-4446
The allowexecstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function...
CVE-2016-4446
CVE-2016-4446 affects the setroubleshoot ecosystem (the allow_execstack plugin) and enables local users to run arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to commands.getoutput. Evidence across sources (Red Hat/AXSA entries and EulerOS/OpenVAS/NAS...
Fedora 23 : setroubleshoot (2016-f2493c754a)
Security fix for CVE-2016-4446 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora 23 : setroubleshoot-plugins (2016-b68f69b086)
Security fix for CVE-2016-4446 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora 22 : setroubleshoot (2016-f597359bf2)
Security fix for CVE-2016-4446 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora 24 : setroubleshoot-plugins (2016-75ca94dee3)
Security fix for CVE-2016-4446 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora 24 : setroubleshoot (2016-047a86f5b1)
Security fix for CVE-2016-4446 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora Update for setroubleshoot-plugins FEDORA-2016-b68f69b086
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL6.x i386/x86_64 (20160621)
The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. Security Fixes : - Shell command injection...
CentOS 7 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1293)
An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1293-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : setroubleshoot / and / setroubleshoot-plugins (ELSA-2016-1293)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1293 advisory. setroubleshoot 3.2.24-4.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.2.24-4 - Catch all subproces...
RHEL 7 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1293)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1293 advisory. The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache AVC messages are returned, an alert ca...
setroubleshoot and setroubleshoot-plugins security update
setroubleshoot 3.2.24-4.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.2.24-4 - Catch all subprocess module exceptions 3.2.24-3 - Use subprocess.checkoutput with a sequence of program arguments 3.2.24-2 - Do not use dangerous shell=True...
CentOS 6 : setroubleshoot / setroubleshoot-plugins (CESA-2016:1267)
An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Oracle Linux 6 : setroubleshoot / and / setroubleshoot-plugins (ELSA-2016-1267)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1267 advisory. - Don't use command.getoutput Resolves: CVE-2016-4445 setroubleshoot-plugins Tenable has extracted the preceding description block directly from the...
CentOS Update for setroubleshoot CESA-2016:1267 centos6
Check the version of setroubleshoot SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882509";...
RedHat Update for setroubleshoot and setroubleshoot-plugins RHSA-2016:1267-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : setroubleshoot and setroubleshoot-plugins (RHSA-2016:1267)
An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: setroubleshoot and setroubleshoot-plugins security update
An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...