FireHOL: Insecure temporary file creation


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference: GLSA 200502-01 / FireHOL
Release Date: February 01, 2005
Latest Revision: May 22, 2006: 02
Impact: normal
Exploitable: local

Package               Vulnerable versions   Unaffected versions   Architecture(s)
net-firewall/firehol  < 1.224               >= 1.224              All supported architectures

Related bugreports: #79330


FireHOL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

2.  Impact Information


FireHOL is an iptables rules generator.


FireHOL insecurely creates temporary files with predictable names.


A local attacker could create malicious symbolic links to arbitrary system files. When FireHOL is executed, this could lead to these files being overwritten with the rights of the user launching FireHOL, usually the root user.
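
The condition described above, as an added example (not FireHOL's code and not part of the original advisory): a temporary file with a predictable name written through a symbolic link that already exists at that path, next to the mktemp-based form that avoids it. The function names, file names and the sandbox directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration, not FireHOL's code; every name here is hypothetical.

# Unsafe pattern: the name is predictable (fixed prefix + PID) and the '>'
# redirection follows whatever already sits at that path, symlinks included.
write_unsafe() {
    tmp="$1/rules.tmp.$$"
    printf '%s\n' "$2" > "$tmp"
}

# Hardened pattern: mktemp picks a random name and creates the file
# exclusively (O_EXCL) with mode 0600, so a link at a guessed name is never used.
write_safe() {
    tmp=$(mktemp "$1/rules.XXXXXXXXXX") || return 1
    printf '%s\n' "$2" > "$tmp"
    printf '%s\n' "$tmp"
}

# Reproduce the condition inside a throwaway sandbox directory and report
# what happened to a stand-in "system file" in each case.
symlink_demo() {
    box=$(mktemp -d "${TMPDIR:-/tmp}/glsa-demo.XXXXXXXXXX") || return 1
    mkdir "$box/shared"                          # stands in for a shared /tmp
    printf 'original\n' > "$box/victim"          # stands in for a system file
    ln -s "$box/victim" "$box/shared/rules.tmp.$$"   # link at the guessed name

    write_unsafe "$box/shared" "generated rules"
    if [ "$(cat "$box/victim")" = "original" ]; then r1=intact; else r1=overwritten; fi

    printf 'original\n' > "$box/victim"          # reset; the link is still in place
    made=$(write_safe "$box/shared" "generated rules") || { rm -rf "$box"; return 1; }
    if [ "$(cat "$box/victim")" = "original" ]; then r2=intact; else r2=overwritten; fi
    perms=$(ls -l "$made" | cut -c1-10)          # permission bits of the safe file

    rm -rf "$box"
    printf 'unsafe=%s safe=%s mode=%s\n' "$r1" "$r2" "$perms"
}

symlink_demo
```

Scripts that need several scratch files can create one private directory with mktemp -d and place all of them inside it.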

3.  Resolution Information


There is no known workaround at this time.


All FireHOL users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/firehol-1.224"

4.  References


Page updated February 01, 2005

Summary: This is a Gentoo Linux Security Advisory
