The vulnerability is caused due to temporary file being created insecurely. This can be exploited via symlink attacks in combination with a race condition to create and overwrite arbitrary files with the privileges of the user running the affected script. It is also possible to cause a Denial of Service by manipulating the ip adresses present into the temporary file The exploitation require that the root configure or reconfigure his firewall rules. ########## Versions: ########## GIPTables <= v1.1
Possible fix: deny_file="$GIPTABLES_BLOCKED_FILE" if mkdir "/tmp/.giptables.$$"; then chmod 700 /tmp/.giptables.$$ temp_file="/tmp/.giptables.$$/temp.ip.addresses" else echo "$Error: failed to create temporary file" 1>&2 exit 1 fi temp_file="/tmp/.giptables.$$/temp.ip.addresses"
Last version in June 09, 2002. Not sure it's worth patching... maybe a mask/removal would be a better option. Pulling in dragonheart for input.
I'm happy with a mask/removal
Masked prior to complete removal.
giptables removed
