ID

VAR-201003-0011

CVE

CVE-2009-4664

TITLE

Firewall Builder Vulnerability gained in

DESCRIPTION

Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script. Firewall Builder creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files or to execute arbitrary code with elevated privileges. Firewall Builder 3.0.4, 3.0.5, and 3.0.6 are vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Firewall Builder Insecure Temporary Files SECUNIA ADVISORY ID: SA36809 VERIFY ADVISORY: http://secunia.com/advisories/36809/ DESCRIPTION: A security issue has been reported in Firewall Builder, which can be exploited by malicious, local users to perform certain actions with escalated privileges. This can be exploited to e.g. overwrite arbitrary files via symlink attacks. Note: Only scripts setting iptable's static routing configuration are affected. The security issue is reported in versions 3.0.4, 3.0.5, and 3.0.6. SOLUTION: Update to version 3.0.7. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Background ========== Firewall Builder is a GUI for easy management of multiple firewall platforms. Workaround ========== There is no known workaround at this time. Resolution ========== All Firewall Builder users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-firewall/fwbuilder-3.0.7" NOTE: This is a legacy GLSA. Updates for all affected architectures are available since March 09, 2010. It is likely that your system is already no longer affected by this issue. References ========== [ 1 ] CVE-2008-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4956 [ 2 ] CVE-2009-4664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4664 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201201-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/ ---------------------------------------------------------------------- TITLE: Fedora update for fwbuilder and libfwbuilder SECUNIA ADVISORY ID: SA38585 VERIFY ADVISORY: http://secunia.com/advisories/38585/ DESCRIPTION: Fedora has issued an update for fwbuilder and libfwbuilder. For more information: SA36809 SOLUTION: Apply updated packages using the yum utility ("yum update fwbuilder libfwbuilder")

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

post link

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

NetCitadel

SOURCES

LAST UPDATE DATE

2024-08-14T12:42:28.627000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE