Test ID:	1.3.6.1.4.1.25623.1.0.871681
Category:	Red Hat Local Security Checks
Title:	RedHat Update for firewalld RHSA-2016:2597-02
Summary:	The remote host is missing an update for the 'firewalld'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'firewalld' package(s) announced via the referenced advisory. Vulnerability Insight: firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. The following packages have been upgraded to a newer upstream version: firewalld (0.4.3.2). (BZ#1302802) Security Fix(es): * A flaw was found in the way firewalld allowed certain firewall configurations to be modified by unauthenticated users. Any locally logged in user could use this flaw to tamper or change firewall settings. (CVE-2016-5410) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section. Affected Software/OS: firewalld on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5410 BugTraq ID: 92481 http://www.securityfocus.com/bid/92481 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/ https://security.gentoo.org/glsa/201701-70 http://www.openwall.com/lists/oss-security/2016/08/16/3 RedHat Security Advisories: RHSA-2016:2597 http://rhn.redhat.com/errata/RHSA-2016-2597.html
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.