fwsnort loaded configuration file from cwd when run as a non-root user

2014.02.03
Risk: Medium
Local: Yes
Remote: No
CWE: CWE-Other


CVSS Base Score: 4.4/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.4/10
Exploit range: Local
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Good morning, When fwsnort was run as a non-root user, it opened the fwsnort.conf file from the current working directory if a configuration file was not explicitly specified. The configuration file can specify a directory to load libraries from, so this would have been an issue if running fwsnort in an attacker-controlled directory. Michael Rash has released fwsnort-1.6.4 to fix this issue: http://www.cipherdyne.org/fwsnort/download/ https://github.com/mrash/fwsnort/blob/master/ChangeLog The patch (with further issue details) for CVE-2014-0039 is: https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348 For the affected versions, I had only tested 1.6.3 (on Fedora and EPEL). Cheers, -- Murray McAllister / Red Hat Security Response Team

References:

https://github.com/mrash/fwsnort/blob/master/ChangeLog
https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top