Arbitrary Command Execution Vulnerability in allow_execmod Plugin for setroubleshoot
CVE-2016-4444 · MEDIUM Severity
AV:L/AC:M/AU:N/C:C/I:C/A:C
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.