ID

VAR-201003-0011


CVE

CVE-2009-4664


TITLE

Firewall Builder Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2010-003670

DESCRIPTION

Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script. Firewall Builder creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files or to execute arbitrary code with elevated privileges. Firewall Builder 3.0.4, 3.0.5, and 3.0.6 are vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Firewall Builder Insecure Temporary Files SECUNIA ADVISORY ID: SA36809 VERIFY ADVISORY: http://secunia.com/advisories/36809/ DESCRIPTION: A security issue has been reported in Firewall Builder, which can be exploited by malicious, local users to perform certain actions with escalated privileges. This can be exploited to e.g. overwrite arbitrary files via symlink attacks. Note: Only scripts setting iptable's static routing configuration are affected. The security issue is reported in versions 3.0.4, 3.0.5, and 3.0.6. SOLUTION: Update to version 3.0.7. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Background ========== Firewall Builder is a GUI for easy management of multiple firewall platforms. Workaround ========== There is no known workaround at this time. Resolution ========== All Firewall Builder users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-firewall/fwbuilder-3.0.7" NOTE: This is a legacy GLSA. Updates for all affected architectures are available since March 09, 2010. It is likely that your system is already no longer affected by this issue. References ========== [ 1 ] CVE-2008-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4956 [ 2 ] CVE-2009-4664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4664 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201201-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/ ---------------------------------------------------------------------- TITLE: Fedora update for fwbuilder and libfwbuilder SECUNIA ADVISORY ID: SA38585 VERIFY ADVISORY: http://secunia.com/advisories/38585/ DESCRIPTION: Fedora has issued an update for fwbuilder and libfwbuilder. For more information: SA36809 SOLUTION: Apply updated packages using the yum utility ("yum update fwbuilder libfwbuilder")

Trust: 2.25

sources: NVD: CVE-2009-4664 // JVNDB: JVNDB-2010-003670 // BID: 36468 // VULHUB: VHN-42110 // PACKETSTORM: 81499 // PACKETSTORM: 108991 // PACKETSTORM: 86386

AFFECTED PRODUCTS

vendor:fwbuildermodel:firewall builderscope:eqversion:3.0.4

Trust: 2.4

vendor:fwbuildermodel:firewall builderscope:eqversion:3.0.5

Trust: 2.4

vendor:fwbuildermodel:firewall builderscope:eqversion:3.0.6

Trust: 1.6

vendor:fwbuildermodel:firewall builderscope:eqversion:and 3.0.6

Trust: 0.8

vendor:linuxmodel:kernelscope: - version: -

Trust: 0.8

vendor:netcitadelmodel:firewall builderscope:eqversion:3.0.6

Trust: 0.3

vendor:netcitadelmodel:firewall builderscope:eqversion:3.0.5

Trust: 0.3

vendor:netcitadelmodel:firewall builderscope:eqversion:3.0.4

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:netcitadelmodel:firewall builderscope:neversion:3.0.7

Trust: 0.3

sources: BID: 36468 // JVNDB: JVNDB-2010-003670 // CNNVD: CNNVD-201003-033 // NVD: CVE-2009-4664

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-4664
value: LOW

Trust: 1.0

NVD: CVE-2009-4664
value: LOW

Trust: 0.8

CNNVD: CNNVD-201003-033
value: LOW

Trust: 0.6

VULHUB: VHN-42110
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2009-4664
severity: LOW
baseScore: 3.3
vectorString: AV:L/AC:M/AU:N/C:N/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-42110
severity: LOW
baseScore: 3.3
vectorString: AV:L/AC:M/AU:N/C:N/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-42110 // JVNDB: JVNDB-2010-003670 // CNNVD: CNNVD-201003-033 // NVD: CVE-2009-4664

PROBLEMTYPE DATA

problemtype:CWE-59

Trust: 1.9

sources: VULHUB: VHN-42110 // JVNDB: JVNDB-2010-003670 // NVD: CVE-2009-4664

THREAT TYPE

local

Trust: 1.1

sources: BID: 36468 // PACKETSTORM: 81499 // PACKETSTORM: 86386 // CNNVD: CNNVD-201003-033

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-201003-033

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-003670

PATCH

title:Firewall Builder Release Notesurl:http://www.fwbuilder.org/4.0/docs/firewall_builder_release_notes.html#3.0.7

Trust: 0.8

title:Top Pageurl:http://jp.redhat.com/

Trust: 0.8

sources: JVNDB: JVNDB-2010-003670

EXTERNAL IDS

db:NVDid:CVE-2009-4664

Trust: 2.9

db:BIDid:36468

Trust: 2.0

db:SECUNIAid:36809

Trust: 1.8

db:OSVDBid:58247

Trust: 1.7

db:VUPENid:ADV-2010-0389

Trust: 1.1

db:JVNDBid:JVNDB-2010-003670

Trust: 0.8

db:CNNVDid:CNNVD-201003-033

Trust: 0.7

db:FEDORAid:FEDORA-2010-0157

Trust: 0.6

db:XFid:53392

Trust: 0.6

db:VULHUBid:VHN-42110

Trust: 0.1

db:PACKETSTORMid:81499

Trust: 0.1

db:PACKETSTORMid:108991

Trust: 0.1

db:SECUNIAid:38585

Trust: 0.1

db:PACKETSTORMid:86386

Trust: 0.1

sources: VULHUB: VHN-42110 // BID: 36468 // JVNDB: JVNDB-2010-003670 // PACKETSTORM: 81499 // PACKETSTORM: 108991 // PACKETSTORM: 86386 // CNNVD: CNNVD-201003-033 // NVD: CVE-2009-4664

REFERENCES

url:http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.html

Trust: 2.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2010-february/035112.html

Trust: 1.8

url:http://www.securityfocus.com/bid/36468

Trust: 1.7

url:http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7

Trust: 1.7

url:https://bugzilla.redhat.com/show_bug.cgi?id=524588

Trust: 1.7

url:http://osvdb.org/58247

Trust: 1.7

url:http://secunia.com/advisories/36809

Trust: 1.7

url:http://www.vupen.com/english/advisories/2010/0389

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/53392

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4664

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4664

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/53392

Trust: 0.6

url:http://www.fwbuilder.org/

Trust: 0.3

url:http://secunia.com/advisories/36809/

Trust: 0.2

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.2

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.2

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.2

url:http://secunia.com/advisories/business_solutions/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4664

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2009-4664

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201201-11.xml

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-4956

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4956

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://secunia.com/blog/71/

Trust: 0.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2010-february/035113.html

Trust: 0.1

url:http://secunia.com/advisories/38585/

Trust: 0.1

sources: VULHUB: VHN-42110 // BID: 36468 // JVNDB: JVNDB-2010-003670 // PACKETSTORM: 81499 // PACKETSTORM: 108991 // PACKETSTORM: 86386 // CNNVD: CNNVD-201003-033 // NVD: CVE-2009-4664

CREDITS

NetCitadel

Trust: 0.6

sources: CNNVD: CNNVD-201003-033

SOURCES

db:VULHUBid:VHN-42110
db:BIDid:36468
db:JVNDBid:JVNDB-2010-003670
db:PACKETSTORMid:81499
db:PACKETSTORMid:108991
db:PACKETSTORMid:86386
db:CNNVDid:CNNVD-201003-033
db:NVDid:CVE-2009-4664

LAST UPDATE DATE

2024-08-14T12:42:28.627000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-42110date:2017-08-17T00:00:00
db:BIDid:36468date:2015-04-13T21:49:00
db:JVNDBid:JVNDB-2010-003670date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201003-033date:2010-03-04T00:00:00
db:NVDid:CVE-2009-4664date:2017-08-17T01:31:42.087

SOURCES RELEASE DATE

db:VULHUBid:VHN-42110date:2010-03-03T00:00:00
db:BIDid:36468date:2009-09-21T00:00:00
db:JVNDBid:JVNDB-2010-003670date:2012-06-26T00:00:00
db:PACKETSTORMid:81499date:2009-09-21T14:52:16
db:PACKETSTORMid:108991date:2012-01-24T04:15:19
db:PACKETSTORMid:86386date:2010-02-16T17:06:59
db:CNNVDid:CNNVD-201003-033date:2010-03-03T00:00:00
db:NVDid:CVE-2009-4664date:2010-03-03T20:30:00.650