>> F-Secure Anti-Virus for Linux Local Privilege Escalation Vulnerability
Title : F-Secure Anti-Virus for Linux Local Privilege Escalation Vulnerability VUPEN ID : VUPEN/ADV-2005-2331 CVE ID : CVE-2005-3546
Rated as : Moderate Risk
Remotely Exploitable : No Locally Exploitable : Yes Release Date : 2005-11-07
Technical Description
A vulnerability has been identified in F-Secure Anti-Virus Linux Gateway and F-Secure Internet Gatekeeper for Linux, which may be exploited by malicious local users to obtain elevated privileges. This issue is due to a design error where certain SUID world executable scripts installed by the application use the "execl" function insecurely, which could be exploited by local attackers to execute arbitrary shell scripts with "root" privileges.
Apply patches : ftp://ftp.f-secure.com/support/hotfix/ http://www.f-secure.co.jp/download/
Or execute the following commands :
For F-Secure Internet Gatekeeper for Linux - "chmod -s /opt/f-secure/fsigk/cgi/*suid.cgi"
For F-Secure Anti-Virus Linux Gateway - "chmod -s /home/virusgw/cgi/*suid.cgi" References
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
