Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <52EEDB9E.4050908@redhat.com>
Date: Mon, 03 Feb 2014 10:58:22 +1100
From: Murray McAllister <mmcallis@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2014-0039: fwsnort loaded configuration file from cwd when run
 as a non-root user

Good morning,

When fwsnort was run as a non-root user, it opened the fwsnort.conf file
from the current working directory if a configuration file was not
explicitly specified. The configuration file can specify a directory to
load libraries from, so this would have been an issue if running fwsnort
in an attacker-controlled directory.

Michael Rash has released fwsnort-1.6.4 to fix this issue:

http://www.cipherdyne.org/fwsnort/download/
https://github.com/mrash/fwsnort/blob/master/ChangeLog

The patch (with further issue details) for CVE-2014-0039 is:

https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348

For the affected versions, I had only tested 1.6.3 (on Fedora and EPEL).

Cheers,

--
Murray McAllister / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.