MidnightBSD

Advisories for firehol

CVE-2005-0225 LOW

firehol.sh in FireHOL before 1.224 creates temporary files with predictable file names, which could allow local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
firehol firehol 1.215
firehol firehol 1.102
firehol firehol 1.169
firehol firehol 1.75
firehol firehol 1.79
firehol firehol 1.165
firehol firehol 1.183
firehol firehol 1.37
firehol firehol 1.153
firehol firehol 1.127
firehol firehol 1.36
firehol firehol 1.122
firehol firehol 1.7
firehol firehol 1.32
firehol firehol 1.47
firehol firehol 1.193
firehol firehol 1.156
firehol firehol 1.96
firehol firehol 1.203
firehol firehol 1.108
firehol firehol 1.195
firehol firehol 1.224
firehol firehol 1.111
firehol firehol 1.221
firehol firehol 1.154
firehol firehol 1.143
firehol firehol 1.100
firehol firehol 1.189
firehol firehol 1.131
firehol firehol 1.223
firehol firehol 1.78
firehol firehol 1.144
firehol firehol 1.68
firehol firehol 1.181
firehol firehol 1.11
firehol firehol 1.177
firehol firehol 1.184
firehol firehol 1.180
firehol firehol 1.134
firehol firehol 1.149
firehol firehol 1.123
firehol firehol 1.152
firehol firehol 1.48
firehol firehol 1.84
firehol firehol 1.45
firehol firehol 1.42
firehol firehol 1.162
firehol firehol 1.41
firehol firehol 1.150
firehol firehol 1.211
firehol firehol 1.208
firehol firehol 1.196
firehol firehol 1.142
firehol firehol 1.155
firehol firehol 1.52
firehol firehol 1.67
firehol firehol 1.12
firehol firehol 1.21
firehol firehol 1.62
firehol firehol 1.20
firehol firehol 1.66
firehol firehol 1.158
firehol firehol 1.198
firehol firehol 1.140
firehol firehol 1.17
firehol firehol 1.16
firehol firehol 1.92
firehol firehol 1.22
firehol firehol 1.95
firehol firehol 1.113
firehol firehol 1.191
firehol firehol 1.120
firehol firehol 1.133
firehol firehol 1.43
firehol firehol 1.76
firehol firehol 1.106
firehol firehol 1.117
firehol firehol 1.51
firehol firehol 1.46
firehol firehol 1.44
firehol firehol 1.137
firehol firehol 1.88
firehol firehol 1.135
firehol firehol 1.136
firehol firehol 1.216
firehol firehol 1.39
firehol firehol 1.209
firehol firehol 1.30
firehol firehol 1.129
firehol firehol 1.199
firehol firehol 1.202
firehol firehol 1.73
firehol firehol 1.87
firehol firehol 1.82
firehol firehol 1.93
firehol firehol 1.132
firehol firehol 1.90
firehol firehol 1.138
firehol firehol 1.179
firehol firehol 1.1.1.1
firehol firehol 1.130
firehol firehol 1.187
firehol firehol 1.173
firehol firehol 1.124
firehol firehol 1.185
firehol firehol 1.171
firehol firehol 1.115
firehol firehol 1.139
firehol firehol 1.85
firehol firehol 1.147
firehol firehol 1.212
firehol firehol 1.172
firehol firehol 1.99
firehol firehol 1.168
firehol firehol 1.10
firehol firehol 1.176
firehol firehol 1.204
firehol firehol 1.192
firehol firehol 1.50
firehol firehol 1.5
firehol firehol 1.188
firehol firehol 1.27
firehol firehol 1.69
firehol firehol 1.125
firehol firehol 1.178
firehol firehol 1.126
firehol firehol 1.201
firehol firehol 1.207
firehol firehol 1.161
firehol firehol 1.59
firehol firehol 1.206
firehol firehol 1.164
firehol firehol 1.186
firehol firehol 1.15
firehol firehol 1.35
firehol firehol 1.157
firehol firehol 1.222
firehol firehol 1.214
firehol firehol 1.194
firehol firehol 1.163
firehol firehol 1.57
firehol firehol 1.2
firehol firehol 1.1
firehol firehol 1.18
firehol firehol 1.64
firehol firehol 1.109
firehol firehol 1.110
firehol firehol 1.86
firehol firehol 1.65
firehol firehol 1.77
firehol firehol 1.118
firehol firehol 1.217
firehol firehol 1.205
firehol firehol 1.89
firehol firehol 1.4
firehol firehol 1.55
firehol firehol 1.145
firehol firehol 1.61
firehol firehol 1.107
firehol firehol 1.31
firehol firehol 1.103
firehol firehol 1.219
firehol firehol 1.58
firehol firehol 1.83
firehol firehol 1.210
firehol firehol 1.151
firehol firehol 1.53
firehol firehol 1.121
firehol firehol 1.175
firehol firehol 1.28
firehol firehol 1.26
firehol firehol 1.218
firehol firehol 1.116
firehol firehol 1.160
firehol firehol 1.74
firehol firehol 1.72
firehol firehol 1.71
firehol firehol 1.81
firehol firehol 1.19
firehol firehol 1.33
firehol firehol 1.24
firehol firehol 1.170
firehol firehol 1.112
firehol firehol 1.97
firehol firehol 1.3
firehol firehol 1.174
firehol firehol 1.54
firehol firehol 1.197
firehol firehol 1.38
firehol firehol 1.91
firehol firehol 1.60
firehol firehol 1.167
firehol firehol 1.34
firehol firehol 1.146
firehol firehol 1.166
firehol firehol 1.94
firehol firehol 1.182
firehol firehol 1.6
firehol firehol 1.14
firehol firehol 1.29
firehol firehol 1.70
firehol firehol 1.200
firehol firehol 1.40
firehol firehol 1.220
firehol firehol 1.101
firehol firehol 1.105
firehol firehol 1.114
firehol firehol 1.98
firehol firehol 1.119
firehol firehol 1.13
firehol firehol 1.80
firehol firehol 1.213
firehol firehol 1.128
firehol firehol 1.190
firehol firehol 1.56
firehol firehol 1.63
firehol firehol 1.104
firehol firehol 1.148
firehol firehol 1.25
firehol firehol 1.141
firehol firehol 1.9
firehol firehol 1.159
firehol firehol 1.49
firehol firehol 1.23
firehol firehol 1.8
CVE-2008-4953 MEDIUM

firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
firehol firehol 1.256