CVE-2014-0039CVE-2014-0039

Affected configuration(s):

cpe:/a:cipherdyne:fwsnort:0.5
cpe:/a:cipherdyne:fwsnort:0.6
cpe:/a:cipherdyne:fwsnort:0.6.1
cpe:/a:cipherdyne:fwsnort:0.6.2
cpe:/a:cipherdyne:fwsnort:0.6.3
cpe:/a:cipherdyne:fwsnort:0.6.4
cpe:/a:cipherdyne:fwsnort:0.6.5
cpe:/a:cipherdyne:fwsnort:0.7.0
cpe:/a:cipherdyne:fwsnort:0.8.0
cpe:/a:cipherdyne:fwsnort:0.8.1
cpe:/a:cipherdyne:fwsnort:0.8.2
cpe:/a:cipherdyne:fwsnort:0.9.0
cpe:/a:cipherdyne:fwsnort:1.0
cpe:/a:cipherdyne:fwsnort:1.0.1
cpe:/a:cipherdyne:fwsnort:1.0.2
cpe:/a:cipherdyne:fwsnort:1.0.3
cpe:/a:cipherdyne:fwsnort:1.0.4
cpe:/a:cipherdyne:fwsnort:1.0.5
cpe:/a:cipherdyne:fwsnort:1.0.6
cpe:/a:cipherdyne:fwsnort:1.5
cpe:/a:cipherdyne:fwsnort:1.6
cpe:/a:cipherdyne:fwsnort:1.6.1
cpe:/a:cipherdyne:fwsnort:1.6.2
cpe:/a:cipherdyne:fwsnort:1.6.3
cpe:/a:cipherdyne:fwsnort:1.6.4

Date published: 2014-02-07T19:55:06.113-05:00

Date last modified: 2014-02-21T00:06:09.170-05:00

CVSS Score: 4.4

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128188.html

Summary: Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.