Detections
Analytics
Scientific Linux Security Update : firewalld on SL7.x (noarch) (20161103)
medium Nessus Plugin ID 95837
Language:
Synopsis
The remote Scientific Linux host is missing one or more security updates.Description
The following packages have been upgraded to a newer upstream version:firewalld (0.4.3.2).
Security Fix(es) :
- A flaw was found in the way firewalld allowed certain firewall configurations to be modified by unauthenticated users. Any locally logged in user could use this flaw to tamper or change firewall settings.
(CVE-2016-5410)
Additional Changes :
Solution
Update the affected packages.See Also
Plugin Details
Severity: Medium
ID: 95837
File Name: sl_20161103_firewalld_on_SL7_x.nasl
Version: 3.6
Type: local
Agent: unix
Published: 12/15/2016
Updated: 1/14/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Low
Base Score: 2.1
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N
CVSS v3
Risk Factor: Medium
Base Score: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Information
CPE: p-cpe:/a:fermilab:scientific_linux:firewall-applet, p-cpe:/a:fermilab:scientific_linux:firewall-config, p-cpe:/a:fermilab:scientific_linux:firewalld, p-cpe:/a:fermilab:scientific_linux:firewalld-filesystem, p-cpe:/a:fermilab:scientific_linux:python-firewall, x-cpe:/o:fermilab:scientific_linux
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Patch Publication Date: 11/3/2016
Vulnerability Publication Date: 4/19/2017
Reference Information
CVE: CVE-2016-5410