Main Vulnerability Database Vulnerabilities #VU41566

Link following in Fail2ban - CVE-2009-5023

Published: June 10, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41566

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2009-5023

CWE-ID: CWE-59

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Fail2ban

Affected software:
Fail2ban

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt.

How to mitigate CVE-2009-5023

Install update from vendor's website.

Sources

http://secunia.com/advisories/58841
http://security.gentoo.org/glsa/glsa-201406-03.xml
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232
https://github.com/fail2ban/fail2ban/blob/sdist/0.8.5/ChangeLog

Link following in Fail2ban - CVE-2009-5023

Detailed vulnerability description

How to mitigate CVE-2009-5023

Sources

Please verify you're human