CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-4659

IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.3%

CVSS Severity

CVSS v2 Score 2.1

References

http://secunia.com/advisories/17513/
http://sourceforge.net/project/shownotes.php?release_id=369759
http://sourceforge.net/tracker/index.php?func=detail&aid=1344032&group_id=40604&atid=428516
http://www.securityfocus.com/bid/15377
https://exchange.xforce.ibmcloud.com/vulnerabilities/23056
http://secunia.com/advisories/17513/
http://sourceforge.net/project/shownotes.php?release_id=369759
http://sourceforge.net/tracker/index.php?func=detail&aid=1344032&group_id=40604&atid=428516
http://www.securityfocus.com/bid/15377
https://exchange.xforce.ibmcloud.com/vulnerabilities/23056

Products affected by CVE-2005-4659

Ipcop » Ipcop » Version: 1.4.1

cpe:2.3:a:ipcop:ipcop:1.4.1
Ipcop » Ipcop » Version: 1.4.2

cpe:2.3:a:ipcop:ipcop:1.4.2
Ipcop » Ipcop » Version: 1.4.4

cpe:2.3:a:ipcop:ipcop:1.4.4
Ipcop » Ipcop » Version: 1.4.5

cpe:2.3:a:ipcop:ipcop:1.4.5
Ipcop » Ipcop » Version: 1.4.6

cpe:2.3:a:ipcop:ipcop:1.4.6
Ipcop » Ipcop » Version: 1.4.8

cpe:2.3:a:ipcop:ipcop:1.4.8
Ipcop » Ipcop » Version: 1.4.9

cpe:2.3:a:ipcop:ipcop:1.4.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-4659

Products

Pricing

Contact Us