CVE-2014-0039

Name of the Vulnerable Software and Affected Versions fwsnort versions prior to 1.6.4

Description The issue allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory when fwsnort is not running as root.

Recommendations For versions prior to 1.6.4, update to version 1.6.4 or later to resolve the issue. As a temporary workaround, consider running fwsnort as root to minimize the risk of exploitation. Restrict access to the fwsnort.conf file to prevent unauthorized modifications.