TITLE:
My Firewall Plus Arbitrary File Corruption Vulnerability

SECUNIA ADVISORY ID:
SA13577

VERIFY ADVISORY:
http://secunia.com/advisories/13577/

CRITICAL:
Not critical

IMPACT:
Manipulation of data, DoS

WHERE:
Local system

SOFTWARE:
My Firewall Plus 5.x
http://secunia.com/product/4276/

DESCRIPTION:
Secunia Research has discovered a vulnerability in My Firewall Plus, which can be exploited by malicious, local users to manipulate the content of arbitrary files on a vulnerable system.

The vulnerability is caused due to the Log Viewer's export functionality saving log files without dropping its privileges first. This can be exploited to corrupt arbitrary files on the system with logging information.

Successful exploitation requires that the user has access to the Log Viewer (all users by default).

The vulnerability has been confirmed in version 5.0 (build 1117). Other versions may also be affected.

NOTE: This vulnerability has been rated "Not critical" as only trusted users should have access to the configuration and logging functionality.

SOLUTION:
Update to version 5.0 (build 1119) or apply patch.

Patch:
http://www.webroot.com/services/mfp_patch.exe

Use the "Password Protection" feature to restrict access to the configuration and logging functionality.

PROVIDED AND/OR DISCOVERED BY:
Carsten Eiram, Secunia Research.

ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2004-20/

Webroot:
http://www.webroot.com/services/mfp_advisory.php
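ADDED EXAMPLE:
The flaw class from the DESCRIPTION (a privileged component writing a user-chosen export file without dropping privileges first), shown beside a hardened form. This is an added illustration, not code from My Firewall Plus, Webroot or Secunia. It is a POSIX analog of a Windows product, and both function names are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <sys/types.h>
#include <unistd.h>

/* Flawed pattern (hypothetical name): the export runs with the viewer's own
   rights, so whatever path the user names is truncated and overwritten. */
int export_log_privileged(const char *path, const char *log, size_t len)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (fd < 0) return -1;
    ssize_t n = write(fd, log, len);
    close(fd);
    return n == (ssize_t)len ? 0 : -1;
}

/* Hardened pattern (hypothetical name): take on the requesting user's
   identity before touching the file system, so the kernel enforces that
   user's permissions on the chosen path, then restore the saved identity.
   Assumption: supplementary groups are left alone here; a real service
   would switch those as well. */
int export_log_as_user(const char *path, uid_t uid, gid_t gid,
                       const char *log, size_t len)
{
    uid_t saved_uid = geteuid();
    gid_t saved_gid = getegid();
    int rc = -1;

    /* Group first: once the effective uid is unprivileged, setegid fails. */
    if (setegid(gid) != 0) return -1;
    if (seteuid(uid) != 0) { setegid(saved_gid); return -1; }

    /* O_EXCL never replaces an existing file; O_NOFOLLOW rejects a symlink. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd >= 0) {
        rc = write(fd, log, len) == (ssize_t)len ? 0 : -1;
        close(fd);
    }
    int saved_errno = errno;

    /* Regain the uid first, then the gid; a failed restore is fatal. */
    if (seteuid(saved_uid) != 0 || setegid(saved_gid) != 0) _exit(1);
    errno = saved_errno;
    return rc;
}
```

On Windows the equivalent of the identity switch is impersonating the requesting user for the duration of the file write.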