Rapid7 Vulnerability & Exploit Database

RHSA-2008:0061: setroubleshoot security and bug fix update

Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 05/23/2008
Created: 07/25/2018
Added: 05/23/2008
Modified: 07/04/2017

Description

The setroubleshoot packages provide tools to help diagnose SELinux problems. When AVC messages occur, an alert is generated that gives information about the problem, and how to create a resolution.

A flaw was found in the way sealert wrote diagnostic messages to a temporary file. A local unprivileged user could perform a symbolic link attack, and cause arbitrary files, writable by other users, to be overwritten when a victim runs sealert. (CVE-2007-5495)

A flaw was found in the way sealert displayed records from the setroubleshoot database as unescaped HTML. A local unprivileged attacker could cause AVC denial events with carefully crafted process or file names, injecting arbitrary HTML tags into the logs, which could be used as a scripting attack, or to confuse the user running sealert. (CVE-2007-5496)

Additionally, the following bugs have been fixed in these updated packages:

Users of setroubleshoot are advised to upgrade to these updated packages, which resolve these issues.
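The two flaw classes described above have standard hardened patterns, sketched here in Python as an added example; this is not setroubleshoot's code or the Red Hat patch, and the function names and sample record are hypothetical.

```python
import html
import os
import tempfile


def write_diagnostics(text, directory=None):
    """Write diagnostic text to a fresh, unpredictable temp file (mode 0600).

    mkstemp() opens with O_CREAT | O_EXCL, so a symlink planted in advance
    at the chosen name makes the open fail instead of being followed.
    """
    fd, path = tempfile.mkstemp(prefix="diag-", suffix=".txt", dir=directory)
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        fh.write(text)
    return path


def open_fixed_path_exclusive(path):
    """If a fixed file name is unavoidable, refuse any pre-existing entry.

    O_EXCL makes the open fail with FileExistsError when the path already
    exists, including when it is a symlink; O_NOFOLLOW is added where the
    platform provides it.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(path, flags, 0o600)


def render_record_html(record):
    """Render record fields as an HTML table with every key and value escaped."""
    rows = "".join(
        "<tr><th>{}</th><td>{}</td></tr>".format(
            html.escape(str(key)), html.escape(str(value))
        )
        for key, value in record.items()
    )
    return "<table>{}</table>".format(rows)


# Constructed sample: a denial record whose process and file names contain
# markup characters, as the advisory describes.
SAMPLE_RECORD = {"comm": "<b>httpd</b>", "path": "/tmp/a&b"}

if __name__ == "__main__":
    print(render_record_html(SAMPLE_RECORD))
```
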

Solution(s)

  • redhat-upgrade-setroubleshoot
  • redhat-upgrade-setroubleshoot-plugins
  • redhat-upgrade-setroubleshoot-server
