Juergen Schmidt

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 2.0.0.5 and 3.0alpha Description: The issue allows remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a mailto, nntp, news, snews, or telnet URI. Recommendations: For Mozilla Firefox version 2.0.0.5, update to a version that contains a fix for this issue. For Mozilla Firefox version 3.0alpha, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** IPCop (aka IPCop Firewall) versions prior to 1.4.10 **Description** The issue allows local users to potentially overwrite system configuration files and gain privileges. This is possible by creating a malicious encrypted backup archive owned by "nobody" and then executing ipcoprscfg to restore from this backup. **Recommendations** For versions prior to 1.4.10, update to version 1.4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the backup.key file to prevent local users from exploiting the world-readable permissions.

**Name of the Vulnerable Software and Affected Versions** IPCop (aka IPCop Firewall) versions prior to 1.4.10 **Description** A race condition issue exists that might allow local users to overwrite system configuration files and gain privileges. This occurs by replacing a backup archive during a specific time window when the archive is owned by "nobody" but not yet encrypted, and then executing ipcoprscfg to restore from this backup. **Recommendations** For versions prior to 1.4.10, update to version 1.4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the ipcoprscfg command until a patch is applied.