CVE-2016-4445

Published: 11/04/2017 Updated: 17/04/2017
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

The fix_lookup_id function in sealert in setroubleshoot prior to 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
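The bug class named in the summary, as an added example that is not setroubleshoot's code: a file name interpolated into a shell string next to two safer forms. The function names, the constructed path and the use of `basename` as the external command are assumptions, and `subprocess.getstatusoutput` stands in as the Python 3 successor of `commands.getstatusoutput`.

```python
import shlex
import subprocess

# Constructed file name: the $(...) part is shell command substitution,
# with a harmless echo standing in for an attacker's command.
CRAFTED_PATH = "/var/tmp/audit$(echo INJECTED).log"


def lookup_unsafe(path):
    """Vulnerable pattern: the path is pasted into a string run by /bin/sh.

    Hypothetical helper; getstatusoutput passes the whole string to a shell,
    so shell metacharacters in the file name are evaluated.
    """
    return subprocess.getstatusoutput("basename %s" % path)


def lookup_quoted(path):
    """Mitigation when a shell string cannot be avoided: quote the value."""
    return subprocess.getstatusoutput("basename %s" % shlex.quote(path))


def lookup_argv(path):
    """Preferred form: no shell, the path is exactly one argv element."""
    proc = subprocess.run(["basename", path], stdout=subprocess.PIPE,
                          stderr=subprocess.STDOUT, universal_newlines=True)
    return proc.returncode, proc.stdout.rstrip("\n")


if __name__ == "__main__":
    # The unsafe call reports a name that differs from the real one, which
    # shows the substitution inside the file name was executed by the shell.
    for fn in (lookup_unsafe, lookup_quoted, lookup_argv):
        print(fn.__name__, fn(CRAFTED_PATH))
```

When such a helper runs in a root-owned service and the file name comes from an audit record, whatever the shell evaluates runs with that service's privileges, which is why the argv-list form is the one to prefer.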

Vulnerable Product

setroubleshoot project setroubleshoot

redhat enterprise linux hpc node 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux desktop 7.0

redhat enterprise linux server 7.0

Vendor Advisories

A shell command injection flaw was found in the way setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use this flaw to execute arbitrary code with root privileges ...