Back to search
CVE-2016-5410
Published: Apr 19, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release
x_refsource_CONFIRM
FEDORA-2016-4dedc6ec3d
vendor-advisory
x_refsource_FEDORA
FEDORA-2016-de55d2c2c9
vendor-advisory
x_refsource_FEDORA
92481
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=1360135
x_refsource_CONFIRM
GLSA-201701-70
vendor-advisory
x_refsource_GENTOO
RHSA-2016:2597
vendor-advisory
x_refsource_REDHAT
[oss-security] 20160816 firewalld: Firewall configuration can be modified by any logged in user
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now