ALAS-2014-409


Amazon Linux AMI Security Advisory: ALAS-2014-409
Advisory Release Date: 2014-09-19 12:08 Pacific
Severity: Medium
References: CVE-2014-0039 

Issue Overview:

Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory.


Affected Packages:

fwsnort


Issue Correction:
Run yum update fwsnort to update your system.

New Packages:
noarch:
    fwsnort-1.6.4-1.5.amzn1.noarch

src:
    fwsnort-1.6.4-1.5.amzn1.src