6 matches found
Amazon Linux AMI : fwsnort (ALAS-2014-409)
Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Fedora Update for fwsnort FEDORA-2014-1975
Check for the Version of fwsnort OpenVAS Vulnerability Test Fedora Update for fwsnort FEDORA-2014-1975 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora 19 : fwsnort-1.6.4-1.fc19 (2014-1972)
notes=Fix CVE-2014-0039 fwsnort: configuration file can be loaded from cwd when run as a non-root user Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 20 : fwsnort-1.6.4-1.fc20 (2014-1975)
Fix CVE-2014-0039 fwsnort: configuration file can be loaded from cwd when run as a non-root user Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for fwsnort FEDORA-2014-1975
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-0039
CVE-2014-0039 affects fwsnort versions prior to 1.6.4. The vulnerability arises from an untrusted search path: if fwsnort is not run as root, a local user can place a trojan horse fwsnort.conf in the current working directory to execute arbitrary code. Public advisories (Amazon Linux ALAS-2014-40...