Lucene search
PRIOn knowledge basePRION:CVE-2016-4446HistoryApr 11, 2017 - 6:59 p.m.
Design/Logic Flaw
2017-04-1118:59:00
PRIOn knowledge base
www.prio-n.com
4
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
| CPE | Name | Operator | Version |
|---|---|---|---|
| enterprise_linux_desktop | eq | 7.0 | |
| enterprise_linux_hpc_node | eq | 7.0 | |
| enterprise_linux_server | eq | 7.0 | |
| enterprise_linux_workstation | eq | 7.0 |
References
seclists.org/oss-sec/2016/q2/575
www.securityfocus.com/bid/91427
www.securitytracker.com/id/1036144
access.redhat.com/errata/RHSA-2016:1293
bugzilla.redhat.com/show_bug.cgi?id=1339250
github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718
rhn.redhat.com/errata/RHSA-2016-1267.html
Related
nessus
nessus
Fedora 24 : setroubleshoot (2016-047a86f5b1)
2016-07-14 00:00:00
Fedora 22 : setroubleshoot (2016-f597359bf2)
2016-07-15 00:00:00
Fedora 24 : setroubleshoot-plugins (2016-75ca94dee3)
2016-07-14 00:00:00
cve
cve
CVE-2016-4446
2017-04-11 18:59:00
fedora
fedora
[SECURITY] Fedora 24 Update: setroubleshoot-plugins-3.3.5.1-1.fc24
2016-06-23 17:55:41
[SECURITY] Fedora 23 Update: setroubleshoot-plugins-3.3.5.1-1.fc23
2016-07-02 19:35:19
[SECURITY] Fedora 24 Update: setroubleshoot-3.3.9.1-1.fc24
2016-06-23 17:56:34
nvd
nvd
CVE-2016-4446
2017-04-11 18:59:00
openvas
openvas
Fedora Update for setroubleshoot FEDORA-2016-047a86f5b1
2016-06-24 00:00:00
Fedora Update for setroubleshoot FEDORA-2016-f597359bf2
2016-07-02 00:00:00
Fedora Update for setroubleshoot-plugins FEDORA-2016-b68f69b086
2016-07-10 00:00:00
veracode
veracode
Arbitrary Command Execution
2019-05-02 05:34:44
osv
osv
CVE-2016-4446
2017-04-11 18:59:00
cvelist
cvelist
CVE-2016-4446
2017-04-11 18:00:00
redhatcve
redhatcve
CVE-2016-4446
2016-06-21 11:48:35
redhat
redhat
centos
centos
setroubleshoot security update
2016-06-23 23:41:47
setroubleshoot security update
2016-06-21 19:07:23
oraclelinux
oraclelinux
setroubleshoot and setroubleshoot-plugins security update
2016-06-23 00:00:00
setroubleshoot and setroubleshoot-plugins security update
2016-06-21 00:00:00
