Details of VAR-200506-0083

ID

VAR-200506-0083

CVE

CVE-2005-1878

TITLE

GIPTables Firewall 'temp.ip.addresses' Arbitrary file coverage vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200506-059

DESCRIPTION

GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file. Giptables Firewall is prone to a local security vulnerability. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: GIPTables Firewall Insecure Temporary File Creation SECUNIA ADVISORY ID: SA15604 VERIFY ADVISORY: http://secunia.com/advisories/15604/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: GIPTables Firewall 1.x http://secunia.com/product/5214/ DESCRIPTION: Eric Romang has reported a vulnerability in GIPTables Firewall, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The vulnerability is caused due to temporary files being created insecurely. The vulnerability has been reported in version 1.1 and prior. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Eric Romang, ZATAZ Audit ORIGINAL ADVISORY: http://www.zataz.net/adviso/giptables-05222005.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-1878 // BID: 89898 // VULHUB: VHN-13087 // PACKETSTORM: 37902

AFFECTED PRODUCTS

vendor:	giptables	model:	firewall	scope:	lte	version:	1.1	Trust: 1.0
vendor:	giptables	model:	firewall	scope:	eq	version:	1.1	Trust: 0.9

sources: BID: 89898 // CNNVD: CNNVD-200506-059 // NVD: CVE-2005-1878

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-1878
value:	LOW
Trust: 1.0
CNNVD:	CNNVD-200506-059
value:	LOW
Trust: 0.6
VULHUB:	VHN-13087
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2005-1878
severity:	LOW
baseScore:	1.2
vectorString:	AV:L/AC:H/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	1.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13087
severity:	LOW
baseScore:	1.2
vectorString:	AV:L/AC:H/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	1.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13087 // CNNVD: CNNVD-200506-059 // NVD: CVE-2005-1878

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1878

THREAT TYPE

local

Trust: 1.0

sources: BID: 89898 // PACKETSTORM: 37902 // CNNVD: CNNVD-200506-059

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200506-059

EXTERNAL IDS

db:	SECTRACK	id:	1014109	Trust: 2.0
db:	NVD	id:	CVE-2005-1878	Trust: 2.0
db:	SECUNIA	id:	15604	Trust: 1.8
db:	CNNVD	id:	CNNVD-200506-059	Trust: 0.7
db:	FULLDISC	id:	20050606 GIPTABLES FIREWALL <= V1.1 INSECURE TEMPORARY FILE CREATION	Trust: 0.6
db:	BID	id:	89898	Trust: 0.4
db:	VULHUB	id:	VHN-13087	Trust: 0.1
db:	PACKETSTORM	id:	37902	Trust: 0.1

sources: VULHUB: VHN-13087 // BID: 89898 // PACKETSTORM: 37902 // CNNVD: CNNVD-200506-059 // NVD: CVE-2005-1878

REFERENCES

url:	http://www.zataz.net/adviso/giptables-05222005.txt	Trust: 2.1
url:	http://lists.grok.org.uk/pipermail/full-disclosure/2005-june/034423.html	Trust: 2.0
url:	http://securitytracker.com/id?1014109	Trust: 2.0
url:	http://secunia.com/advisories/15604	Trust: 1.7
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/5214/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/15604/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-13087 // BID: 89898 // PACKETSTORM: 37902 // CNNVD: CNNVD-200506-059 // NVD: CVE-2005-1878

CREDITS

Unknown

Trust: 0.3

sources: BID: 89898

SOURCES

db:	VULHUB	id:	VHN-13087
db:	BID	id:	89898
db:	PACKETSTORM	id:	37902
db:	CNNVD	id:	CNNVD-200506-059
db:	NVD	id:	CVE-2005-1878

LAST UPDATE DATE

2024-08-14T14:22:56.238000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13087	date:	2008-09-05T00:00:00
db:	BID	id:	89898	date:	2005-06-09T00:00:00
db:	CNNVD	id:	CNNVD-200506-059	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-1878	date:	2008-09-05T20:50:19.430

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13087	date:	2005-06-09T00:00:00
db:	BID	id:	89898	date:	2005-06-09T00:00:00
db:	PACKETSTORM	id:	37902	date:	2005-06-16T05:01:37
db:	CNNVD	id:	CNNVD-200506-059	date:	2005-06-09T00:00:00
db:	NVD	id:	CVE-2005-1878	date:	2005-06-09T04:00:00