shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Shorewall | Shorewall | 1.4.5 | 1.4.5 |
Shorewall | Shorewall | 1.4.2 | 1.4.2 |
Shorewall | Shorewall | 1.4.9 | 1.4.9 |
Shorewall | Shorewall | 1.4.10 | 1.4.10 |
Shorewall | Shorewall | 2.0.3 | 2.0.3 |
Shorewall | Shorewall | 2.0.2 | 2.0.2 |
Shorewall | Shorewall | 1.4.3a | 1.4.3a |
Shorewall | Shorewall | 1.4.6 | 1.4.6 |
Shorewall | Shorewall | 1.4.3 | 1.4.3 |
Shorewall | Shorewall | 1.4.7 | 1.4.7 |
Shorewall | Shorewall | 1.4.4 | 1.4.4 |
Shorewall | Shorewall | 2.0 | 2.0 |
Shorewall | Shorewall | 1.4.8 | 1.4.8 |
Shorewall | Shorewall | 2.0.1 | 2.0.1 |
Shorewall | Shorewall | 1.4 | 1.4 |
Shorewall | Shorewall | 1.4.1 | 1.4.1 |