This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2011-02-24
Product Policycoreutils Last view 2011-02-24
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:redhat:policycoreutils:2.0.41:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.25:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.30.4:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.25.1:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.26:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.21.5:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.40:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.7:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.71:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.27.29:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.1:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.35:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.27.30:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.21.7:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.30.22:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.30.10:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.20:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.21.13:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.25.7:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.33.15:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.23.6:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.66:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.27.10:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.33.13:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.60:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.21.14:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.30:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.77:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.23:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.10:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.27.4:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.49:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.17:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.30.29:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.26:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.5:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.27.25:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.25:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.30.19:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.24:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.55:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.30.7:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.62:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.6:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.24:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.29.5:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.81:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:2.0.43:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.27.12:*:*:*:*:*:*:* 1
cpe:2.3:a:redhat:policycoreutils:1.30.31:*:*:*:*:*:*:* 1

Related : CVE

  Date Alert Description
6.9 2011-02-24 CVE-2011-1011

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-264 Permissions, Privileges, and Access Controls

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:21423 RHSA-2011:0414: policycoreutils security update (Important)
oval:org.mitre.oval:def:23059 ELSA-2011:0414: policycoreutils security update (Important)
oval:org.mitre.oval:def:27195 DEPRECATED: ELSA-2011-0414 -- policycoreutils security update (important)

Open Source Vulnerability Database (OSVDB)

id Description
72541 Red Hat policycoreutils seunshare sandbox/seunshare.c seunshare_mount Functio...

OpenVAS Exploits

id Description
2012-06-06 Name : RedHat Update for policycoreutils RHSA-2011:0414-01
File : nvt/gb_RHSA-2011_0414-01_policycoreutils.nasl
2011-03-24 Name : Fedora Update for policycoreutils FEDORA-2011-3043
File : nvt/gb_fedora_2011_3043_policycoreutils_fc14.nasl

Nessus® Vulnerability Scanner

id Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2011-0414.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20110404_policycoreutils_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2011-04-05 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2011-0414.nasl - Type: ACT_GATHER_INFO
2011-03-21 Name: The remote Fedora host is missing a security update.
File: fedora_2011-3043.nasl - Type: ACT_GATHER_INFO