MidnightBSD

Advisories for shorewall

CVE-2004-0647 MEDIUM

shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
shorewall shorewall 1.4.10
shorewall shorewall 1.4.5
shorewall shorewall 1.4.2
shorewall shorewall 1.4.3a
shorewall shorewall 1.4.8
shorewall shorewall 1.4.6
shorewall shorewall 1.4.1
shorewall shorewall 1.4.9
shorewall shorewall 1.4
shorewall shorewall 2.0.1
shorewall shorewall 1.4.3
shorewall shorewall 2.0
shorewall shorewall 1.4.4
shorewall shorewall 2.0.2
shorewall shorewall 2.0.3
shorewall shorewall 1.4.7
CVE-2005-2317 HIGH

Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
shorewall shorewall 2.0.15
shorewall shorewall 2.0.0a
shorewall shorewall 2.0.3a
shorewall shorewall 2.0.3c
shorewall shorewall 2.0.2f
shorewall shorewall 2.0.16
shorewall shorewall 2.0.2d
shorewall shorewall 2.0.4
shorewall shorewall 2.0.1
shorewall shorewall 2.2.3
shorewall shorewall 2.0.0
shorewall shorewall 2.0.2b
shorewall shorewall 2.0.2c
shorewall shorewall 2.0.2e
shorewall shorewall 2.0.7
shorewall shorewall 2.0.9
shorewall shorewall 2.0.11
shorewall shorewall 2.4.0
shorewall shorewall 2.0.5
shorewall shorewall 2.0.12
shorewall shorewall 2.2.1
shorewall shorewall 2.0.0b
shorewall shorewall 2.0.14
shorewall shorewall 2.2.0
shorewall shorewall 2.2.2
shorewall shorewall 2.2.4
shorewall shorewall 2.4.0_rc2
shorewall shorewall 2.0.13
shorewall shorewall 2.0.10
shorewall shorewall 2.0.3b
shorewall shorewall 2.4.0_rc1
shorewall shorewall 2.0.6
shorewall shorewall 2.0.8
shorewall shorewall 2.0.2
shorewall shorewall 2.0.2a
shorewall shorewall 2.0.3