CVE-2009-4664

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 03-03-2010 09:30

Last modified: - 23-01-2023 07:44

Total changes: - 8

Description

Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script.

Common Vulnerability Scoring System (CVSS)

AV:L/AC:M/Au:N/C:N/I:P/A:P

Low

Attack complexity

Local

Attack vector

Low

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

3.3

Base score

3.4

4.9

Exploitability score

Impact score

Verification logic

Reference

36809-Vendor Advisory
58247-
https://bugzilla.redhat.com/show_bug.cgi?id=524588
http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7
http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.html
36468-
FEDORA-2010-0157-
ADV-2010-0389-
firewallbuilder-temp-symlink(53392)-

Keywords

CVE-2009-4664

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2009-4664

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures