Arbitrary Command Execution Vulnerability in allow_execmod Plugin for setroubleshoot

Arbitrary Command Execution Vulnerability in allow_execmod Plugin for setroubleshoot

CVE-2016-4444 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.