The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Iptables-parse_module | Iptables-parse_project | 0.6 | 0.6 |
Iptables-parse_module | Iptables-parse_project | 1.5 | 1.5 |
Iptables-parse_module | Iptables-parse_project | 0.9 | 0.9 |
Iptables-parse_module | Iptables-parse_project | 1.6 | 1.6 |
Iptables-parse_module | Iptables-parse_project | 0.7 | 0.7 |
Iptables-parse_module | Iptables-parse_project | 1.3 | 1.3 |
Iptables-parse_module | Iptables-parse_project | 1.1 | 1.1 |
Iptables-parse_module | Iptables-parse_project | 1.0 | 1.0 |
Iptables-parse_module | Iptables-parse_project | 1.6.1 | 1.6.1 |
Iptables-parse_module | Iptables-parse_project | 0.8 | 0.8 |
Iptables-parse_module | Iptables-parse_project | 0.5 | 0.5 |
Iptables-parse_module | Iptables-parse_project | 1.3.1 | 1.3.1 |
Iptables-parse_module | Iptables-parse_project | 1.4 | 1.4 |