CERTA-2005-AVI-442
Vulnerability from certfr_avis - Published: 2005-11-08 - Updated: 2005-11-08None
Description
L'installation des produits F-Secure Anti-Virus Internet Gatekeeper pour Linux et F-Secure Anti-Virus Linux Gateway entraîne la création de scripts CGI ayant des droits en exécution pour tous avec le paramètre SUID activé. Un utilisateur local peut obtenir les droits de l'administrateur en utilisant ces scripts.
Contournement provisoire
Modifier les paramètres des scripts à l'aide des commandes ci-dessous.
-
Pour F-Secure Anti-Virus Internet Gatekeeper pour Linux :
chmod -s /opt/f-secure/fsigk/cgi/*suid.cgi
-
Pour F-Secure Anti-Virus Linux Gateway :
chmod -s /home/virusgw/cgi/*suid.cgi
Solution
Appliquer le correctif tel qu'indiqué dans le bulletin de sécurité F-Secure (voir Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "F-Secure Anti-Virus Linux Gateway versions ant\u00e9rieures \u00e0 2.16.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Internet Gatekeeper pour Linux versions ant\u00e9rieures \u00e0 2.15.484 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nL\u0027installation des produits F-Secure Anti-Virus Internet Gatekeeper pour\nLinux et F-Secure Anti-Virus Linux Gateway entra\u00eene la cr\u00e9ation de\nscripts CGI ayant des droits en ex\u00e9cution pour tous avec le param\u00e8tre\nSUID activ\u00e9. Un utilisateur local peut obtenir les droits de\nl\u0027administrateur en utilisant ces scripts.\n\n## Contournement provisoire\n\nModifier les param\u00e8tres des scripts \u00e0 l\u0027aide des commandes ci-dessous.\n\n- Pour F-Secure Anti-Virus Internet Gatekeeper pour Linux :\n\n chmod -s /opt/f-secure/fsigk/cgi/\\*suid.cgi\n\n- Pour F-Secure Anti-Virus Linux Gateway :\n\n chmod -s /home/virusgw/cgi/\\*suid.cgi\n\n## Solution\n\nAppliquer le correctif tel qu\u0027indiqu\u00e9 dans le bulletin de s\u00e9curit\u00e9\nF-Secure (voir Documentation).\n",
"cves": [],
"initial_release_date": "2005-11-08T00:00:00",
"last_revision_date": "2005-11-08T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 FSC-2005-3 de F-Secure du 07 novembre 2005 :",
"url": "http://www.f-secure.com/security/fsc-2005-3.shtml"
}
],
"reference": "CERTA-2005-AVI-442",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2005-11-08T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 dans divers produits F-Secure",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 FSC-2005-3 de F-Secure du 07 novembre 2005",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…