Gentoo FoundationGLSA-200506-10LutelWall: Insecure temporary file creation
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
5.1%
Background
LutelWall is a high-level Linux firewall configuration tool.
Description
Eric Romang has discovered that the new_version_check() function in LutelWall insecurely creates a temporary file when updating to a new version.
Impact
A local attacker could create symbolic links in the temporary file directory, pointing to a valid file somewhere on the filesystem. When the update script is executed (usually by the root user), this would result in the file being overwritten with the rights of this user.
Workaround
There is no known workaround at this time.
Resolution
All LutelWall users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/lutelwall-0.98"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | net-firewall/lutelwall | < 0.98 | UNKNOWN |
Related
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
5.1%