4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.3%
Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory.
lists.fedoraproject.org/pipermail/package-announce/2014-February/128188.html
lists.fedoraproject.org/pipermail/package-announce/2014-February/128205.html
osvdb.org/102822
seclists.org/oss-sec/2014/q1/221
www.securityfocus.com/bid/65341
github.com/mrash/fwsnort/blob/master/ChangeLog
github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348