CVE-2005-4660

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2005
Last modified:
03/04/2025

Description

Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from this backup.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ipcop:ipcop:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ipcop:ipcop:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ipcop:ipcop:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:ipcop:ipcop:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:ipcop:ipcop:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:ipcop:ipcop:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:ipcop:ipcop:1.4.9:*:*:*:*:*:*:*