var-201003-0011
Vulnerability from variot
Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script. Firewall Builder creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files or to execute arbitrary code with elevated privileges. Firewall Builder 3.0.4, 3.0.5, and 3.0.6 are vulnerable; other versions may also be affected. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Firewall Builder Insecure Temporary Files
SECUNIA ADVISORY ID: SA36809
VERIFY ADVISORY: http://secunia.com/advisories/36809/
DESCRIPTION: A security issue has been reported in Firewall Builder, which can be exploited by malicious, local users to perform certain actions with escalated privileges. This can be exploited to e.g. overwrite arbitrary files via symlink attacks.
Note: Only scripts setting iptable's static routing configuration are affected.
The security issue is reported in versions 3.0.4, 3.0.5, and 3.0.6.
SOLUTION: Update to version 3.0.7.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Background
Firewall Builder is a GUI for easy management of multiple firewall platforms.
Workaround
There is no known workaround at this time.
Resolution
All Firewall Builder users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-firewall/fwbuilder-3.0.7"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since March 09, 2010. It is likely that your system is already no longer affected by this issue.
References
[ 1 ] CVE-2008-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4956 [ 2 ] CVE-2009-4664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4664
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: Fedora update for fwbuilder and libfwbuilder
SECUNIA ADVISORY ID: SA38585
VERIFY ADVISORY: http://secunia.com/advisories/38585/
DESCRIPTION: Fedora has issued an update for fwbuilder and libfwbuilder.
For more information: SA36809
SOLUTION: Apply updated packages using the yum utility ("yum update fwbuilder libfwbuilder")
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201003-0011", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "firewall builder", "scope": "eq", "trust": 2.4, "vendor": "fwbuilder", "version": "3.0.4" }, { "model": "firewall builder", "scope": "eq", "trust": 2.4, "vendor": "fwbuilder", "version": "3.0.5" }, { "model": "firewall builder", "scope": "eq", "trust": 1.6, "vendor": "fwbuilder", "version": "3.0.6" }, { "model": "firewall builder", "scope": "eq", "trust": 0.8, "vendor": "fwbuilder", "version": "and 3.0.6" }, { "model": "kernel", "scope": null, "trust": 0.8, "vendor": "linux", "version": null }, { "model": "firewall builder", "scope": "eq", "trust": 0.3, "vendor": "netcitadel", "version": "3.0.6" }, { "model": "firewall builder", "scope": "eq", "trust": 0.3, "vendor": "netcitadel", "version": "3.0.5" }, { "model": "firewall builder", "scope": "eq", "trust": 0.3, "vendor": "netcitadel", "version": "3.0.4" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "firewall builder", "scope": "ne", "trust": 0.3, "vendor": "netcitadel", "version": "3.0.7" } ], "sources": [ { "db": "BID", "id": "36468" }, { "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "db": "NVD", "id": "CVE-2009-4664" }, { "db": "CNNVD", "id": "CNNVD-201003-033" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:fwbuilder:firewall_builder:3.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fwbuilder:firewall_builder:3.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fwbuilder:firewall_builder:3.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2009-4664" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NetCitadel", "sources": [ { "db": "CNNVD", "id": "CNNVD-201003-033" } ], "trust": 0.6 }, "cve": "CVE-2009-4664", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "exploitabilityScore": 3.4, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 3.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2009-4664", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "exploitabilityScore": 3.4, "id": "VHN-42110", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:N/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2009-4664", "trust": 1.8, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-201003-033", "trust": 0.6, "value": "LOW" }, { "author": "VULHUB", "id": "VHN-42110", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-42110" }, { "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "db": "NVD", "id": "CVE-2009-4664" }, { "db": "CNNVD", "id": "CNNVD-201003-033" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script. Firewall Builder creates temporary files in an insecure manner. \nAn attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. \nSuccessfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files or to execute arbitrary code with elevated privileges. \nFirewall Builder 3.0.4, 3.0.5, and 3.0.6 are vulnerable; other versions may also be affected. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nFirewall Builder Insecure Temporary Files\n\nSECUNIA ADVISORY ID:\nSA36809\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36809/\n\nDESCRIPTION:\nA security issue has been reported in Firewall Builder, which can be\nexploited by malicious, local users to perform certain actions with\nescalated privileges. This\ncan be exploited to e.g. overwrite arbitrary files via symlink\nattacks. \n\nNote: Only scripts setting iptable\u0027s static routing configuration are\naffected. \n\nThe security issue is reported in versions 3.0.4, 3.0.5, and 3.0.6. \n\nSOLUTION:\nUpdate to version 3.0.7. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nBackground\n==========\n\nFirewall Builder is a GUI for easy management of multiple firewall\nplatforms. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Firewall Builder users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-firewall/fwbuilder-3.0.7\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since March 09, 2010. It is likely that your system is\nalready no longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2008-4956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4956\n[ 2 ] CVE-2009-4664\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4664\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nFedora update for fwbuilder and libfwbuilder\n\nSECUNIA ADVISORY ID:\nSA38585\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38585/\n\nDESCRIPTION:\nFedora has issued an update for fwbuilder and libfwbuilder. \n\nFor more information:\nSA36809\n\nSOLUTION:\nApply updated packages using the yum utility (\"yum update fwbuilder\nlibfwbuilder\")", "sources": [ { "db": "NVD", "id": "CVE-2009-4664" }, { "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "db": "BID", "id": "36468" }, { "db": "VULHUB", "id": "VHN-42110" }, { "db": "PACKETSTORM", "id": "81499" }, { "db": "PACKETSTORM", "id": "108991" }, { "db": "PACKETSTORM", "id": "86386" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-4664", "trust": 2.9 }, { "db": "BID", "id": "36468", "trust": 2.0 }, { "db": "SECUNIA", "id": "36809", "trust": 1.8 }, { "db": "OSVDB", "id": "58247", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-0389", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2010-003670", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201003-033", "trust": 0.7 }, { "db": "FEDORA", "id": "FEDORA-2010-0157", "trust": 0.6 }, { "db": "XF", "id": "53392", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-42110", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "81499", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "108991", "trust": 0.1 }, { "db": "SECUNIA", "id": "38585", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "86386", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-42110" }, { "db": "BID", "id": "36468" }, { "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "db": "PACKETSTORM", "id": "81499" }, { "db": "PACKETSTORM", "id": "108991" }, { "db": "PACKETSTORM", "id": "86386" }, { "db": "NVD", "id": "CVE-2009-4664" }, { "db": "CNNVD", "id": "CNNVD-201003-033" } ] }, "id": "VAR-201003-0011", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-42110" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:25:55.438000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Firewall Builder Release Notes", "trust": 0.8, "url": "http://www.fwbuilder.org/4.0/docs/firewall_builder_release_notes.html#3.0.7" }, { "title": "Top Page", "trust": 0.8, "url": "http://jp.redhat.com/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-003670" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-59", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-42110" }, { "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "db": "NVD", "id": "CVE-2009-4664" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://blog.fwbuilder.org/2009/09/firewall-builder-v307-released.html" }, { "trust": 1.8, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-february/035112.html" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/36468" }, { "trust": 1.7, "url": "http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7" }, { "trust": 1.7, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=524588" }, { "trust": 1.7, "url": "http://osvdb.org/58247" }, { "trust": 1.7, "url": "http://secunia.com/advisories/36809" }, { "trust": 1.1, "url": "http://www.vupen.com/english/advisories/2010/0389" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53392" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4664" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4664" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/53392" }, { "trust": 0.3, "url": "http://www.fwbuilder.org/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/36809/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4664" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-4664" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201201-11.xml" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4956" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4956" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://secunia.com/blog/71/" }, { "trust": 0.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-february/035113.html" }, { "trust": 0.1, "url": "http://secunia.com/advisories/38585/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-42110" }, { "db": "BID", "id": "36468" }, { "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "db": "PACKETSTORM", "id": "81499" }, { "db": "PACKETSTORM", "id": "108991" }, { "db": "PACKETSTORM", "id": "86386" }, { "db": "NVD", "id": "CVE-2009-4664" }, { "db": "CNNVD", "id": "CNNVD-201003-033" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-42110" }, { "db": "BID", "id": "36468" }, { "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "db": "PACKETSTORM", "id": "81499" }, { "db": "PACKETSTORM", "id": "108991" }, { "db": "PACKETSTORM", "id": "86386" }, { "db": "NVD", "id": "CVE-2009-4664" }, { "db": "CNNVD", "id": "CNNVD-201003-033" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-03-03T00:00:00", "db": "VULHUB", "id": "VHN-42110" }, { "date": "2009-09-21T00:00:00", "db": "BID", "id": "36468" }, { "date": "2012-06-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "date": "2009-09-21T14:52:16", "db": "PACKETSTORM", "id": "81499" }, { "date": "2012-01-24T04:15:19", "db": "PACKETSTORM", "id": "108991" }, { "date": "2010-02-16T17:06:59", "db": "PACKETSTORM", "id": "86386" }, { "date": "2010-03-03T20:30:00.650000", "db": "NVD", "id": "CVE-2009-4664" }, { "date": "2010-03-03T00:00:00", "db": "CNNVD", "id": "CNNVD-201003-033" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-42110" }, { "date": "2015-04-13T21:49:00", "db": "BID", "id": "36468" }, { "date": "2012-06-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-003670" }, { "date": "2017-08-17T01:31:42.087000", "db": "NVD", "id": "CVE-2009-4664" }, { "date": "2010-03-04T00:00:00", "db": "CNNVD", "id": "CNNVD-201003-033" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "36468" }, { "db": "PACKETSTORM", "id": "81499" }, { "db": "PACKETSTORM", "id": "86386" }, { "db": "CNNVD", "id": "CNNVD-201003-033" } ], "trust": 1.1 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Firewall Builder Vulnerability gained in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-003670" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "post link", "sources": [ { "db": "CNNVD", "id": "CNNVD-201003-033" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.