Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Setroubleshoot Project Security Vulnerabilities

cve
cve

CVE-2016-4444

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.

7CVSS

6.9AI Score

0.0004EPSS

2017-04-11 06:59 PM
31
4
cve
cve

CVE-2016-4445

The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.

7CVSS

6.8AI Score

0.0004EPSS

2017-04-11 06:59 PM
33
4
cve
cve

CVE-2016-4446

The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.

7CVSS

6.9AI Score

0.0004EPSS

2017-04-11 06:59 PM
29
4
cve
cve

CVE-2016-4989

setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in ...

7CVSS

6.8AI Score

0.0004EPSS

2017-04-11 06:59 PM
32