ID

VAR-200505-0164

CVE

CVE-2005-0515

TITLE

Webroot My Firewall Local unsafe file creation vulnerability

DESCRIPTION

Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files. A local insecure file creation vulnerability affects Webroot My Firewall. This issue is due to an access validation issue that allows an unprivileged user to create files with escalated privileges. This issue may be exploited by a local attacker to corrupt arbitrary files on an affected computer with SYSTEM privileges. ---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: My Firewall Plus Arbitrary File Corruption Vulnerability SECUNIA ADVISORY ID: SA13577 VERIFY ADVISORY: http://secunia.com/advisories/13577/ CRITICAL: Not critical IMPACT: Manipulation of data, DoS WHERE: Local system SOFTWARE: My Firewall Plus 5.x http://secunia.com/product/4276/ DESCRIPTION: Secunia Research has discovered a vulnerability in My Firewall Plus, which can be exploited by malicious, local users to manipulate the content of arbitrary files on a vulnerable system. Successful exploitation requires that the user has access to the Log Viewer (all users by default). The vulnerability has been confirmed in version 5.0 (build 1117). Other versions may also be affected. NOTE: This vulnerability has been rated "Not critical" as only trusted users should have access to the configuration and logging functionality. SOLUTION: Update to version 5.0 (build 1119) or apply patch. Patch: http://www.webroot.com/services/mfp_patch.exe Use the "Password Protection" feature to restrict access to the configuration and logging functionality. PROVIDED AND/OR DISCOVERED BY: Carsten Eiram, Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2004-20/ Webroot: http://www.webroot.com/services/mfp_advisory.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

access verification error

EXTERNAL IDS

REFERENCES

CREDITS

Carsten Eiram is credited with the discovery of this issue.

SOURCES

LAST UPDATE DATE

2024-08-14T14:08:51.025000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE