Gentoo Security Advisory GLSA 200502-01 (FireHOL)

  1. Network Vulnerabilities
  2. Gentoo Local Security Checks
  3. Gentoo Security Advisory GLSA 200502-01 (FireHOL)
Summary
The remote host is missing updates announced in advisory GLSA 200502-01.
Solution
All FireHOL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-firewall/firehol-1.224' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200502-01 http://bugs.gentoo.org/show_bug.cgi?id=79330 http://cvs.sourceforge.net/viewcvs.py/firehol/firehol/firehol.sh
Insight
FireHOL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
Severity
Low Severity
Classification
Related Vulnerabilities