CVE-2007-2837

Publication date 3 July 2007

Last updated 17 July 2025

Ubuntu priority

Description

The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
fireflier	7.10 gutsy	Fixed 1.1.7ubuntu1
	7.04 feisty	Fixed 1.1.6-3ubuntu0.1
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Fixed 1.1.6-2ubuntu0.6.06

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2007-2837

CVE-2007-2837

Description

Status

References

Other references

Access our resources on patching vulnerabilities