Bug 700763 (CVE-2009-5023) - CVE-2009-5023 fail2ban: Use of insecure default temporary file when unbanning an IP
Summary: CVE-2009-5023 fail2ban: Use of insecure default temporary file when unbanning...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2009-5023
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
: 718836 (view as bug list)
Depends On: 700765 700767 700768 700769
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-04-29 10:53 UTC by Jan Lieskovsky
Modified: 2019-09-29 12:44 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-06-10 22:23:51 UTC


Attachments (Terms of Use)

Description Jan Lieskovsky 2011-04-29 10:53:36 UTC
It was found that fail2ban IPs banner used insecure default temporary file
when unbanning an IP address. A local attacker could use this flaw to conduct
symlink attacks in order to gain access to sensitive information or potentially
to overwrite arbitrary file on the system.

References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232

Patch applied by Debian distribution:
[2] http://git.onerussian.com/?p=deb/fail2ban.git;a=commitdiff;h=ea7d352616b1e2232fcaa99b11807a86ce29ed8b

Comment 1 Jan Lieskovsky 2011-04-29 10:55:24 UTC
This issue affects the versions of the fail2ban package, as present
within EPEL-4, EPEL-5 and EPEL-6 repositories.

This issue affects the versions of the fail2ban package, as shipped
with Fedora release of 13 and 14.

Please schedule an update.

Comment 2 Jan Lieskovsky 2011-04-29 10:56:57 UTC
Created fail2ban tracking bugs for this issue

Affects: epel-4 [bug 700765]
Affects: epel-5 [bug 700767]
Affects: epel-6 [bug 700768]
Affects: fedora-all [bug 700769]

Comment 3 Jan Lieskovsky 2011-04-29 11:01:39 UTC
CVE Request:
[3] http://www.openwall.com/lists/oss-security/2011/04/29/1

Comment 4 Tomas Hoger 2011-04-29 12:15:45 UTC
(In reply to comment #1)
> This issue affects the versions of the fail2ban package, as shipped
> with Fedora release of 13 and 14.

This seems to be fixed in Fedora already - see fail2ban-0.8.4-notmp.patch:
http://pkgs.fedoraproject.org/gitweb/?p=fail2ban.git;a=blob;f=fail2ban-0.8.4-notmp.patch;h=dc09397f00790fdb494efced4f44675a9f56b0b7;hb=master

(In reply to comment #0)
> Patch applied by Debian distribution:
> http://git.onerussian.com/?p=deb/fail2ban.git;a=commitdiff;h=ea7d352616b1e2232fcaa99b11807a86ce29ed8b

Which seems to be a git-svn clone of the upstream SVN commit:
http://fail2ban.svn.sourceforge.net/viewvc/fail2ban?view=revision&revision=767

Comment 5 Axel Thimm 2011-04-30 13:32:29 UTC

*** This bug has been marked as a duplicate of bug 669965 ***

Comment 6 Vincent Danen 2011-05-02 22:04:21 UTC
Please don't close SRT bugs.  It does not look like fail2ban in EPEL has been fixed yet, so this bug shouldn't be closed.

This has also been assigned the name CVE-2009-5023.

Comment 7 Vincent Danen 2011-07-05 03:48:07 UTC
*** Bug 718836 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.