CVE-2009-5023 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-5023 Interim 1 10 2023-12-08T03:14:24Z current 2021-05-30T12:49:43Z 2023-12-08T03:14:24Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-5023 The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed SuSEfirewall2-fail2ban-0.9.5-1.1 fail2ban-0.9.5-1.1 nagios-plugins-fail2ban-0.9.5-1.1 SuSEfirewall2-fail2ban-0.9.5-1.1 as a component of openSUSE Tumbleweed fail2ban-0.9.5-1.1 as a component of openSUSE Tumbleweed nagios-plugins-fail2ban-0.9.5-1.1 as a component of openSUSE Tumbleweed The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt. CVE-2009-5023 openSUSE Tumbleweed:SuSEfirewall2-fail2ban-0.9.5-1.1 openSUSE Tumbleweed:fail2ban-0.9.5-1.1 openSUSE Tumbleweed:nagios-plugins-fail2ban-0.9.5-1.1 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:C/A:N