Upstream information

CVE-2009-5023 at MITRE

Description

The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.7
Vector AV:L/AC:M/Au:N/C:N/I:C/A:N
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Complete
Availability Impact None
SUSE Bugzilla entry: 690853 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.3
  • fail2ban >= 0.8.4-5.3.1
openSUSE 11.4
  • fail2ban >= 0.8.4-11.12.1
openSUSE 11.4
  • fail2ban >= 0.8.4-11.12.1
Patchnames:
fail2ban
openSUSE Tumbleweed
  • SuSEfirewall2-fail2ban >= 0.9.5-1.1
  • fail2ban >= 0.9.5-1.1
  • nagios-plugins-fail2ban >= 0.9.5-1.1
Patchnames:
openSUSE Tumbleweed GA SuSEfirewall2-fail2ban