CVE Vulnerabilities

CVE-2005-4660

Published: Dec 31, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
1.2 LOW
AV:L/AC:H/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by nobody but not yet encrypted, then executing ipcoprscfg to restore from this backup.

Affected Software

Name Vendor Start Version End Version
Ipcop Ipcop 1.4.5 1.4.5
Ipcop Ipcop 1.4.4 1.4.4
Ipcop Ipcop 1.4.2 1.4.2
Ipcop Ipcop 1.4.6 1.4.6
Ipcop Ipcop 1.4.9 1.4.9
Ipcop Ipcop 1.4.8 1.4.8
Ipcop Ipcop 1.4.1 1.4.1

References