CVE Vulnerabilities

CVE-2004-0647

Published: Aug 06, 2004 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file.

Affected Software

Name Vendor Start Version End Version
Shorewall Shorewall 1.4 (including) 1.4 (including)
Shorewall Shorewall 1.4.1 (including) 1.4.1 (including)
Shorewall Shorewall 1.4.2 (including) 1.4.2 (including)
Shorewall Shorewall 1.4.3 (including) 1.4.3 (including)
Shorewall Shorewall 1.4.3a (including) 1.4.3a (including)
Shorewall Shorewall 1.4.4 (including) 1.4.4 (including)
Shorewall Shorewall 1.4.5 (including) 1.4.5 (including)
Shorewall Shorewall 1.4.6 (including) 1.4.6 (including)
Shorewall Shorewall 1.4.7 (including) 1.4.7 (including)
Shorewall Shorewall 1.4.8 (including) 1.4.8 (including)
Shorewall Shorewall 1.4.9 (including) 1.4.9 (including)
Shorewall Shorewall 1.4.10 (including) 1.4.10 (including)
Shorewall Shorewall 2.0 (including) 2.0 (including)
Shorewall Shorewall 2.0.1 (including) 2.0.1 (including)
Shorewall Shorewall 2.0.2 (including) 2.0.2 (including)
Shorewall Shorewall 2.0.3 (including) 2.0.3 (including)

References