CVE Vulnerabilities

CVE-2004-0647

Published: Aug 06, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file.

Affected Software

Name Vendor Start Version End Version
Shorewall Shorewall 1.4.5 1.4.5
Shorewall Shorewall 1.4.2 1.4.2
Shorewall Shorewall 1.4.9 1.4.9
Shorewall Shorewall 1.4.10 1.4.10
Shorewall Shorewall 2.0.3 2.0.3
Shorewall Shorewall 2.0.2 2.0.2
Shorewall Shorewall 1.4.3a 1.4.3a
Shorewall Shorewall 1.4.6 1.4.6
Shorewall Shorewall 1.4.3 1.4.3
Shorewall Shorewall 1.4.7 1.4.7
Shorewall Shorewall 1.4.4 1.4.4
Shorewall Shorewall 2.0 2.0
Shorewall Shorewall 1.4.8 1.4.8
Shorewall Shorewall 2.0.1 2.0.1
Shorewall Shorewall 1.4 1.4
Shorewall Shorewall 1.4.1 1.4.1

References