| Date issued |
2005-11-07 |
| Risk factor |
Low/Critical (Low/Medium/High/Critical) |
| Brief description |
Local root vulnerability can be exploited to elevate privileges to root.
To solve the problem, please run the following command or install a new version of the product.
For F-Secure Internet Gatekeeper for Linux:
"chmod -s /opt/f-secure/fsigk/cgi/*suid.cgi"
For F-Secure Anti-Virus Linux Gateway:
"chmod -s /home/virusgw/cgi/*suid.cgi"
|
| Software |
F-Secure Internet Gatekeeper for Linux and
F-Secure Anti-Virus Linux Gateway
|
| Affected versions |
F-Secure Anti-Virus Internet Gatekeeper for Linux <2.15.484
F-Secure Anti-Virus Linux Gateway <2.16
|
| Affected platforms |
All platforms supported by the affected products |
| Bulletin location |
http://www.f-secure.com/security/fsc-2005-3.shtml |
 |
| Issue: |
Local user can elevate privileges to root by calling scripts installed by the product. The scripts are world executable and have the SUID bit enabled.
The severity of the issue is lowered if the product has been installed to a dedicated server that does not have any regular user accounts.
To solve the problem, please run the following command or install a new version of the product.
For F-Secure Internet Gatekeeper for Linux:
"chmod -s /opt/f-secure/fsigk/cgi/*suid.cgi"
For F-Secure Anti-Virus Linux Gateway:
"chmod -s /home/virusgw/cgi/*suid.cgi"
|
| Products: |
F-Secure Internet Gatekeeper for Linux <2.15.484
F-Secure Anti-Virus Linux Gateway <2.16
|
| Scenario 1: |
Default configuration. The product is installed to a dedicated server, properly hardened and configured. No local user accounts.
|
| Risk Factor: |
Low
There is a possibility to elevate privileges to root by attacking some other component in the system first to gain the initial access.
To solve the problem, please run the following command or install a new version of the product.
For F-Secure Internet Gatekeeper for Linux:
"chmod -s /opt/f-secure/fsigk/cgi/*suid.cgi"
For F-Secure Anti-Virus Linux Gateway:
"chmod -s /home/virusgw/cgi/*suid.cgi"
|
| Scenario 2: |
Default configuration. The product is installed to a server that one or more user accounts can access.
|
| Risk Factor: |
Critical
An user can elevate privileges to root by calling scripts that the product has installed, which are world executable and have the SUID bit enabled.
To solve the problem, please run the following command or install a new version of the product.
For F-Secure Internet Gatekeeper for Linux:
"chmod -s /opt/f-secure/fsigk/cgi/*suid.cgi"
For F-Secure Anti-Virus Linux Gateway:
"chmod -s /home/virusgw/cgi/*suid.cgi"
|
| Mitigating Factors: |
- Dedicated installation with a hardened environment without local accounts would deny the initial access to the machine.
|
| Patch Availability: |
|
|
| Credits: |
We thank Tigerteam.se Security http://www.tigerteam.se for bringing this issue to our attention.
|
| Revision History: |
FSC-2005-3 - 2005-11-07
|
| Contact Information: |
Support: http://support.f-secure.com/enu/home/contactus/
Security: http://www.f-secure.com/security/
URL: http://www.f-secure.com/
|
![](/images/pixel.gif"){kind=tracking}
