Vulnerability Description
Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script.
CVSS Score
3.3
LOW
AV:L/AC:M/Au:N/C:N/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fwbuilder | Firewall Builder | 3.0.4 |
| Linux | Linux Kernel | All versions |
Related Weaknesses (CWE)
References
- http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.htmlVendor Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035112.h
- http://osvdb.org/58247
- http://secunia.com/advisories/36809Vendor Advisory
- http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7
- http://www.securityfocus.com/bid/36468
- http://www.vupen.com/english/advisories/2010/0389
- https://bugzilla.redhat.com/show_bug.cgi?id=524588
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53392
- http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.htmlVendor Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035112.h
- http://osvdb.org/58247
- http://secunia.com/advisories/36809Vendor Advisory
- http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7
- http://www.securityfocus.com/bid/36468
FAQ
What is CVE-2009-4664?
CVE-2009-4664 is a vulnerability with a CVSS score of 3.3 (LOW). Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script.
How severe is CVE-2009-4664?
CVE-2009-4664 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4664?
Check the references section above for vendor advisories and patch information. Affected products include: Fwbuilder Firewall Builder, Linux Linux Kernel.