CVE-2004-0647

Published Aug 6, 2004

Last updated 7 years ago

CVSS info 4.6

Overview

Description: shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B09DE7E2-CC5F-415B-A392-D68AB5D5183A"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9607C7E-6F86-4912-A376-08AF7BF02C1D"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36381169-72B8-4A24-BAF2-BEC34ED111CE"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB8C6C0C-AFFD-4245-9BC8-315449A93630"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.3a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "755E1346-339F-4910-A360-A54A7C7248CC"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5484FDC1-69C9-4E41-AC5C-9F27AAAA21F2"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27002D31-C070-438D-B673-883E53604484"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51856967-B4E8-492F-9A7D-ABEDA30DD002"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C908BE61-EC82-4FFA-9F70-A62DCB61B7E7"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5D91047-9FFE-434F-AA74-8CAD5FFA1D47"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8AAC279-B154-4591-90C8-4026DFE486EA"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:1.4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6FC0B9A-1B52-4983-A8DB-A27EDB16C399"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA74BD87-28A4-479B-A02C-C5EF0FE99033"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA3C10C9-AB0C-4CDB-82C2-606FC92799E3"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "444C2974-82B2-49D9-B6D2-6E6BB19A100B"
          },
          {
            "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF76A1B4-3B30-408B-9E8D-627BA55B44B7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References