Title: RedHat Linux IPTables Save Option Unrestorable Rules Vulnerability
Severity: MODERATE
Description:
Red Hat Linux is a freely available, Open Source clone of the Unix Operating System. It is distributed and maintained by Red Hat Incorporated.
A problem with the firewall infrastructure included with the Operating System could make it possible for a administrator to unknowingly expose a system to unnecessary risk.
The problem is in the save format used by the iptables program. iptables will create a save file of the current active ruleset when the -c option is used. When an administrator attempts to save a firewall ruleset to file, the format in which the ruleset is saved is not one that can be understood by iptables when an attempt to reload the saved ruleset is made.
An administrator saving a firewall configuration to a file that will be loaded by the system on the next reboot will leave the system unprotected. This could result in a remote user gaining access to sensitive services on a system, and potentially local access or elevated privileges on systems that have been deployed insecurely.
Affected Products:
- RedHat Linux 7.1.0
- RedHat Linux 7.1.0 alpha
- RedHat Linux 7.1.0 i386
- RedHat Linux 7.2.0
- RedHat Linux 7.2.0 i386
- RedHat iptables-1.2.3-1.i386.rpm 0.0.0
- RedHat iptables-1.2.3-1.i386.rpm 0.0.0
- RedHat iptables-ipv6-1.2.1a-1.i386.rpm 0.0.0
- RedHat iptables-ipv6-1.2.3-1.i386.rpm 0.0.0
References:
- RedHat: Updates, Fixes, and Errata Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
