PT-2005-1569 · Smc · My Firewall Plus

Published

2005-03-18

Updated

2008-09-05

CVE-2005-0515

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions My Firewall Plus version 5.0 build 1117

Description The issue arises from Smc.exe not dropping privileges before launching the Log Viewer export functionality. This allows local users to corrupt arbitrary files by saving log files.

Recommendations For My Firewall Plus version 5.0 build 1117, consider restricting access to the Log Viewer export functionality until a fix is available. As a temporary workaround, avoid using the Log Viewer export functionality to minimize the risk of file corruption.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0515

Affected Products

My Firewall Plus

PT-2005-1569 · Smc · My Firewall Plus

CVE-2005-0515

Related Identifiers

Affected Products

References · 5