FireHOL: Insecure temporary file creation

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference: GLSA 200502-01 / FireHOL
Release Date: February 01, 2005
Latest Revision: May 22, 2006: 02
Impact: normal
Exploitable: local

Package: net-firewall/firehol
Vulnerable versions: < 1.224
Unaffected versions: >= 1.224
Architecture(s): All supported architectures

Related bugreports: #79330

Synopsis

FireHOL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

2.  Impact Information

Background

FireHOL is an iptables rules generator.

Description

FireHOL insecurely creates temporary files with predictable names.

Impact

A local attacker could create malicious symbolic links to arbitrary system files. When FireHOL is executed, this could lead to these files being overwritten with the rights of the user launching FireHOL, usually the root user.
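
The bug class described above, shown as an added shell example that is not taken from FireHOL or from this advisory: a predictable temporary file name beside a hardened form, with a self-check run in a throwaway sandbox. All function and file names (`write_predictable`, `make_private_dir`, `write_exclusive`, `fw-rules.*`) are constructed for illustration, and `mktemp` is assumed to be available.

```shell
#!/bin/sh
# Added illustration; not FireHOL code. All file names are constructed.

# Risky pattern, for contrast: a guessable (PID-based) name in a shared
# directory, written with a redirect that follows an existing symlink.
write_predictable() {            # $1 = directory, $2 = data
    printf '%s\n' "$2" > "$1/fw-rules.$$"
}

# Hardened: mktemp -d creates a fresh, randomly named directory with
# mode 0700, so no other local user can pre-create anything inside it.
make_private_dir() {
    mktemp -d "${TMPDIR:-/tmp}/fw-rules.XXXXXXXXXX"
}

# Defence in depth: under noclobber (set -C) the shell refuses to write
# to a path that already exists, whether a regular file or a symlink.
write_exclusive() {              # $1 = path, $2 = data
    ( set -C; printf '%s\n' "$2" > "$1" ) 2>/dev/null
}

# Self-check in a throwaway sandbox: "shared" stands in for /tmp and
# "target" for a file the privileged user must not lose.
selfcheck() {
    box=$(make_private_dir) || return 1
    mkdir "$box/shared" || return 1
    rc=0

    # Pre-existing link at the guessable name: the plain write goes through it.
    echo original > "$box/target"
    ln -s "$box/target" "$box/shared/fw-rules.$$"
    write_predictable "$box/shared" "generated rules"
    [ "$(cat "$box/target")" = "generated rules" ] || rc=1

    # Same situation, exclusive write: refused, target left intact.
    echo original > "$box/target"
    write_exclusive "$box/shared/fw-rules.$$" "generated rules" && rc=1
    [ "$(cat "$box/target")" = original ] || rc=1

    # Normal case: a new file inside the private directory is created.
    write_exclusive "$box/work.rules" "generated rules" || rc=1
    [ "$(cat "$box/work.rules")" = "generated rules" ] || rc=1

    rm -rf "$box"
    return $rc
}

selfcheck && echo "temp-file handling checks passed"
```

The same two habits apply when auditing any script that runs as root: working files live in a directory created by `mktemp -d`, and writes into shared locations are exclusive.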

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All FireHOL users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/firehol-1.224"

4.  References



Page updated February 01, 2005

Summary: This is a Gentoo Linux Security Advisory

Copyright 2001-2014 Gentoo Foundation, Inc.