PT-2005-1569 · Smc · My Firewall Plus

Publicado

2005-03-18

Atualizado

2008-09-05

CVE-2005-0515

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions My Firewall Plus version 5.0 build 1117

Description The issue arises from Smc.exe not dropping privileges before launching the Log Viewer export functionality. This allows local users to corrupt arbitrary files by saving log files.

Recommendations For My Firewall Plus version 5.0 build 1117, consider restricting access to the Log Viewer export functionality until a fix is available. As a temporary workaround, avoid using the Log Viewer export functionality to minimize the risk of file corruption.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0515

Produtos afetados

My Firewall Plus

PT-2005-1569 · Smc · My Firewall Plus

CVE-2005-0515

Identificadores relacionados

Produtos afetados

Referências · 5