Date: Mon, 03 Feb 2014 10:58:22 +1100 From: Murray McAllister <mmcallis@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2014-0039: fwsnort loaded configuration file from cwd when run as a non-root user Good morning, When fwsnort was run as a non-root user, it opened the fwsnort.conf file from the current working directory if a configuration file was not explicitly specified. The configuration file can specify a directory to load libraries from, so this would have been an issue if running fwsnort in an attacker-controlled directory. Michael Rash has released fwsnort-1.6.4 to fix this issue: http://www.cipherdyne.org/fwsnort/download/ https://github.com/mrash/fwsnort/blob/master/ChangeLog The patch (with further issue details) for CVE-2014-0039 is: https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348 For the affected versions, I had only tested 1.6.3 (on Fedora and EPEL). Cheers, -- Murray McAllister / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ