Input validation error in fwsnort - CVE-2014-0039
Published: February 8, 2014 / Updated: August 10, 2020
Vulnerability identifier: #VU42052
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2014-0039
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: www.cipherdyne.org
Affected software:
fwsnort
fwsnort
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory. Per: http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path"
How to mitigate CVE-2014-0039
Install update from vendor's website.
Sources
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128188.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128205.html
- http://osvdb.org/102822
- http://seclists.org/oss-sec/2014/q1/221
- http://www.securityfocus.com/bid/65341
- https://github.com/mrash/fwsnort/blob/master/ChangeLog
- https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348