Debian: New fireflier-server packages fix unsafe temporary files

    Date: 01 Jul 2007
    Category: Debian
    Posted By: LinuxSecurity Advisories
    Steve Kemp from the Debian Security Audit project discovered that fireflier-server, an interactive firewall rule creation tool, uses temporary files in an unsafe manner which may be exploited to remove arbitrary files from the local system.
    ------------------------------------------------------------------------
    Debian Security Advisory DSA-1326
    http://www.debian.org/security/                               Steve Kemp
    July 01, 2007
    ------------------------------------------------------------------------
    
    Package        : fireflier-server
    Vulnerability  : insecure temporary files
    Problem type   : local
    Debian-specific: no
    CVE Id(s)      : CVE-2007-2837
    
    Steve Kemp from the Debian Security Audit project discovered that
    fireflier-server, an interactive firewall rule creation tool, uses
    temporary files in an unsafe manner which may be exploited to remove
    arbitrary files from the local system.
    
    For the old stable distribution (sarge) this problem has been fixed in
    version 1.1.5-1sarge1.
    
    For the stable distribution (etch) this problem has been fixed in
    version 1.1.6-3etch1.
    
    For the unstable distribution (sid) this problem will be fixed shortly.
    
    We recommend that you upgrade your fireflier-server package.
    
    
    Upgrade instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    
    Debian GNU/Linux 3.1 alias sarge
    -------------------------------
    
    Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
    
    
    Debian GNU/Linux 4.0 alias etch
    -------------------------------
    
    Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main