Summary: | net-firewall/lutelwall: Insecure temporary file creation | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jean-François Brunette (RETIRED) <formula7> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | vanquirius |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Other | ||
URL: | http://www.zataz.net/adviso/lutelwall-05222005.txt | ||
Whiteboard: | B3 [glsa] formula7 | ||
Package list: | Runtime testing required: | --- |
Description
Jean-François Brunette (RETIRED)
2005-06-07 12:32:41 UTC
Vulnerable code :
-----------------

```
# Prefix of temporary firewall files
tmp='/tmp/lutelwall'

new_version_check () {
# Check for new version of script
if [ "`wget -V 2>&1 >/dev/null`" ]; then
  message 3 "Warrning: Wget is required to check for updates."
else
  new_ver=`wget -C off -O - -q -t 1 -T 3 -w 3 -U "\`uname -a 2>&1\`" http://firewall.lutel.pl/ver`
  if [ `echo $current_version | gawk '{ gsub("\\\.","") ; print 1$0 }'` -lt `echo $new_ver | gawk '{ gsub("\\\.","") ; print 1$0 }'` ]; then
    echo -e "\nThere is newer version of LutelWall (${new_ver})"
    echo -n " Changes since previous version:"
    echo `wget -C off -O $tmp-newfeat -q -t 1 -T 3 -w 3 http://firewall.lutel.pl/FEATURES-${new_ver}`
    cat $tmp-newfeat
    echo "Do you want to update [y/N]? "
    read -s -t 5 -n 1 ln
    if [ "$ln" = 'y' -o "$ln" = 'Y' ]; then
      wget -O $tmp-script -q -T 3 http://firewall.lutel.pl/lutelwall
      cat $tmp-script > $0
      rm -rf $tmp-script
      echo "Your firewall is up to date, exiting after update!"
      exit
    else
      message 5 "Update aborted"
    fi
  else
    message 5 "LutelWall is up-to-date"
  fi;
fi;
}
```

*** Bug 95596 has been marked as a duplicate of this bug. ***

Vanquirius: thx for the bump. Keywords are all set, this is ready for GLSA vote

I vote YES, I guess the update script is run by root.

agreed, there should be a GLSA

GLSA 200506-10
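A hardened form of the staging step quoted in the report, as an added example that is not LutelWall's own code or the fix shipped with the GLSA: the predictable `$tmp-script` path is replaced by a private `mktemp -d` directory, and the running script is replaced by a rename instead of a redirect. The function names, the 0700 mode and the fetch command passed as arguments (standing in for the `wget` call so the example runs offline) are assumptions.

```shell
#!/bin/sh
# Added example (assumed names): safe staging for a root-run self-update.

# Succeeds only if nothing at all sits at the path: no file, no directory,
# and no symlink (dangling or not). A fixed name under /tmp fails this
# check as soon as another local user has created it first.
path_is_unclaimed() {
    [ ! -e "$1" ] && [ ! -L "$1" ]
}

# Stage a download inside a directory that mktemp -d creates atomically
# with an unpredictable name and mode 0700, then print the staged path.
# "$@" is the command that writes the payload to stdout.
stage_download() (
    umask 077
    sd_dir=$(mktemp -d "${TMPDIR:-/tmp}/lutelwall.XXXXXXXXXX") || exit 1
    if "$@" > "$sd_dir/script"; then
        printf '%s\n' "$sd_dir/script"
    else
        rm -rf "$sd_dir"
        exit 1
    fi
)

# Install staged file $1 over target $2 without truncating the target in
# place: write a sibling temp file, then rename it over the target.
install_update() (
    umask 077
    [ -s "$1" ] || exit 1                 # reject an empty download
    iu_new=$(mktemp "$2.XXXXXXXXXX") || exit 1
    if cat "$1" > "$iu_new" && chmod 700 "$iu_new"; then
        mv -f "$iu_new" "$2"
    else
        rm -f "$iu_new"
        exit 1
    fi
)

# Typical use (fetch_script is a hypothetical wrapper around the download):
#   staged=$(stage_download fetch_script) && install_update "$staged" "$0"
#   rm -rf "$(dirname "$staged")"
```
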