FireHOL: Insecure temporary file creation — GLSA 200502-01

FireHOL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

Affected Packages

net-firewall/firehol on all architectures
Affected versions < 1.224
Unaffected versions >= 1.224

Background

FireHOL is an iptables rules generator.

Description

FireHOL insecurely creates temporary files with predictable names.

Impact

A local attacker could create malicious symbolic links to arbitrary system files. When FireHOL is executed, this could lead to these files being overwritten with the rights of the user launching FireHOL, usually the root user.

Workaround

There is no known workaround at this time.

Resolution

All FireHOL users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-firewall/firehol-1.224"

References

Release Date
February 01, 2005

Latest Revision
May 22, 2006: 02

Severity
normal

Exploitable
local

Bugzilla entries