Info

Disclosure

Oct 06, 2005

Discovery

Unknown

Dates

Exploit

Oct 06, 2005

Solution

Unknown

Description

mason contains a flaw that may leave a system without a firewall after a reboot. The issue is triggered when a user configures mason after the installation, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Misconfiguration
Impact: Loss of Integrity
Exploit: Exploit Public

Solution

Upgrade to version 1.0.0-3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Debian

mason

1.0.0-2

References

Secunia Advisory ID: 17084
CVE ID: 2005-3118 (see also: NVD)
Vendor Specific Advisory URL: http://www.debian.org/security/2005/dsa-845

Credit

Christoph Martin -

Direct URL: http://osvdb.org/19875