Vulnerabilities > CVE-2014-0039 - Local Privilege Escalation vulnerability in fwsnort 'fwsnort.conf'
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory. Per: http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path"
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2014-1972.NASL description notes=Fix CVE-2014-0039 fwsnort: configuration file can be loaded from cwd when run as a non-root user Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-02-13 plugin id 72464 published 2014-02-13 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72464 title Fedora 19 : fwsnort-1.6.4-1.fc19 (2014-1972) NASL family Fedora Local Security Checks NASL id FEDORA_2014-1975.NASL description Fix CVE-2014-0039 fwsnort: configuration file can be loaded from cwd when run as a non-root user Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-02-13 plugin id 72465 published 2014-02-13 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72465 title Fedora 20 : fwsnort-1.6.4-1.fc20 (2014-1975) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2014-409.NASL description Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory. last seen 2020-06-01 modified 2020-06-02 plugin id 78352 published 2014-10-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78352 title Amazon Linux AMI : fwsnort (ALAS-2014-409)
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 65341 CVE(CAN) ID: CVE-2014-0039 fwsnort是一个perl脚本,可疑将Snort规则转换为相同的iptables规则。 fwsnort 1.6.4之前版本在非root权限运行时,存在可疑搜索路径漏洞,可使本地用户通过当前工作目录内的木马fwsnort.conf,利用此漏洞执行任意代码。 0 fwsnort fwsnort 1.6.3 fwsnort fwsnort 厂商补丁: fwsnort ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.cipherdyne.org/fwsnort/ https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348 |
| id | SSV:61491 |
| last seen | 2017-11-19 |
| modified | 2014-02-20 |
| published | 2014-02-20 |
| reporter | Root |
| title | fwsnort 'fwsnort.conf'本地权限提升漏洞 |
References
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128188.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128205.html
- http://osvdb.org/102822
- http://seclists.org/oss-sec/2014/q1/221
- http://www.securityfocus.com/bid/65341
- https://github.com/mrash/fwsnort/blob/master/ChangeLog
- https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348