Gentoo Logo

FireHOL: Insecure temporary file creation

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200502-01 / FireHOL
Release Date February 01, 2005
Latest Revision May 22, 2006: 02
Impact normal
Exploitable local
Package Vulnerable versions Unaffected versions Architecture(s)
net-firewall/firehol < 1.224 >= 1.224 All supported architectures

Related bugreports: #79330

Synopsis

FireHOL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

2.  Impact Information

Background

FireHOL is an iptables rules generator.

Description

FireHOL insecurely creates temporary files with predictable names.

Impact

A local attacker could create malicious symbolic links to arbitrary system files. When FireHOL is executed, this could lead to these files being overwritten with the rights of the user launching FireHOL, usually the root user.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All FireHOL users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/firehol-1.224"

4.  References

Print

Updated February 01, 2005

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Support OSL

Support OSL

Gentoo Centric Hosting: vr.org

VR Hosted

Tek Alchemy

Tek Alchemy

SevenL.net

SevenL.net

Global Netoptex Inc.

Global Netoptex Inc.

Bytemark

Bytemark
Copyright 2001-2008 Gentoo Foundation, Inc. Questions, Comments? Contact us.