[Full-disclosure] -advisory- * [Thu Mar 16 14:08:07 EST 2006] * DoS Vulnerability in Microsoft Excel
-advisory- * [Thu Mar 16 14:08:07 EST 2006] * DoS Vulnerability in Microsoft Excel == [+] DESCRIPTION Sending a specially crafted malformed packet to the services communication socket can create a loss of service. == [+] HISTORY 16-3-2006 [+] Public Disclosure. == [+] WORKAROUND There has had been no workarounds. == [+] VENDOR RESPONSE Microsoft Excel was offered no identified commentary regarding the problem at hand. == [+] CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-62138 to this issue == APPENDIX A VENDOR INFORMATION http://www.microsoft.com == CONTACT ZATAZ Audits [EMAIL PROTECTED] 1-888-565-9428 BEWARE THE JIZZTAPO!!! .. _ .' `. /\) / / / / /\ \ \ / \ _ \ \/ /\ \ (/\ \ / \ \ \ \ / \ (Y ) \ \/ /\ \ \ / \ \ \/ / / / / ( Y) GSAE CEH SSP-CNSA SSP-MPA GIPS GHTQ SSCP ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Advisory 2006-03-11Local Privilege Escalation Vulnerability in AOL Client Software
Advisory 2006-03-11 Local Privilege Escalation Vulnerability in AOL Client Software I. BACKGROUND Advisory marked for immediate release. II. DESCRIPTION AOL Client Software incorrectly validates user input III. HISTORY This advisory has no history. IV. WORKAROUND There are no known workarounds. V. VENDOR RESPONSE AOL Client Software has not commented on this issue. VI. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-636555 to this issue. APPENDIX A. - Vendor Information http://www.aol.com APPENDIX B. - References NONE CONTACT: *ZATAZ Audits [EMAIL PROTECTED] *1-888-LOL-WHAT *CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] flexbackup default config insecure temporary file creation
# flexbackup default config insecure temporary file creation Vendor: http://flexbackup.sourceforge.net/ Advisory: http://www.zataz.net/adviso/flexbackup-09192005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low # The vulnerabilities ared due to insecure temporary files creations due to a default config. They are symlink attacks to create arbitrary files with the privileges of the user running the affected script, sensitive informations disclosure, possible local or remote arbitrary commands execution. ## Versions: ## flexbackup = 1.2.1 ## Solution: ## Change default config $tmpdir # Timeline: # Discovered : 2005-09-06 Vendor notified : 2005-09-19 Vendor response : none Vendor fix : none Vendor Sec report ([EMAIL PROTECTED]) : 2005-09-30 Disclosure : 2005-10-15 # Technical details : # Vulnerable code : - * In /etc/flexbackup.conf : $tmpdir = '/tmp'; * Into flexbackup : checkvar(\$cfg::tmpdir,'tmpdir','exist','/tmp'); If tmpdir is not defined /tmp is used by default, but here into conf file tmpdir is by default set to /tmp 5229 my $tmp_script = $cfg::tmpdir/buftest.$host.$PROCESS_ID.sh; 5236 # Create a script which tests the buffer program 5237 open(SCR, $tmp_script) || die; 5238 print SCR #!/bin/sh\n; 5239 print SCR tmp_data=/tmp/bufftest\$\$.txt\n; 5240 print SCR tmp_err=/tmp/bufftest\$\$.err\n; 5241 print SCR echo testme \$tmp_data\n; 5242 print SCR $buffer_cmd /dev/null 2 \$tmp_err \$tmp_data\n; 5243 print SCR res=\$?\n; 5244 print SCR out=\`cat \$tmp_err\`\n; 5245 print SCR if [ \$res -eq 0 ]; then\n; 5246 print SCRecho successful\n; 5247 print SCR else\n; 5248 print SCRecho \unsuccessful: exit code \$res: \$out\ \n; 5249 print SCR fi\n; 5250 print SCR rm -f \$tmp_data \$tmp_err\n; 5251 close(SCR); Here we have possible symlink attack (race condition), and also possibility to create a untrusted script into the tmp_script (race condition). The script how is created is also vulnerable to possible symlink attack (race condition). 5253 if ($host eq 'localhost') { 5254 print $::msg | Checking '$cfg::buffer' on this machine... ; 5255 $pipecmd = sh $tmp_script ; 5256 } else { 5257 print $::msg | Checking '$cfg::buffer' on host $host... ; 5258 $pipecmd = cat $tmp_script | ($::remoteshell $host 'cat $tmp_script; sh $tmp_script; rm -f $tmp_script'); We see here that the untrusted script could be executed on localhost or remote host. 5446 my $tmp1 = $cfg::tmpdir/test1.$PROCESS_ID; 5447 my $tmp2 = $cfg::tmpdir/test2.$PROCESS_ID; 5448 my $tmp3 = $cfg::tmpdir/test3.$PROCESS_ID; Here the $cfg::pad_blocks should be false to exploit the possible symlink attack (race condition). By default in the conf file pad_blocks is true. No risk if no configuration modification. 359 if (defined($::pkgdelta)) { 360 if (defined($::local)) { 361 list_packages('localhost'); 362 find_packaged_files('localhost'); 363 find_changed_files('localhost'); 364 } 365 foreach my $host (keys %::remotehosts) { 366 list_packages($host); 367 find_packaged_files($host); 368 find_changed_files($host); 369 } 370 $::pkgdelta_filelist = $cfg::tmpdir/pkgdelta.$PROCESS_ID; 371 line(); 372 } Here we have possible symlink attack (race condition) 619 my $exitscript = $cfg::tmpdir/collectexit.$PROCESS_ID.sh; 620 my $result = $cfg::tmpdir/exitstatus.$PROCESS_ID; 841 unlink($result); 842 open(SCR, $exitscript) || die; 843 print SCR '#!/bin/sh' . \n; 844 print SCR '$@' . \n;; 845 print SCR '[ $? = 0 ] || echo $@ ' . $result . \n; 846 close(SCR); 847 chmod(0755, $exitscript); 848 849 push(@cmds, [ ! -e $result ]); 850 } This one is more difficult to race. # Related : # Bug report : http://bugs.gentoo.org/show_bug.cgi?id=105000 CVE : CAN-2005-2965 # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) - Gentoo Security Scout Thxs to Gentoo Security Team. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] apachetop insecure temporary file creation
# apachetop insecure temporary file creation Vendor: http://clueful.shagged.org/apachetop/ Advisory: http://www.zataz.net/adviso/apachetop-09022005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low # The vulnerability is caused due to temporary file being created insecurely. This can be exploited via symlink attacks in combination to create and overwrite arbitrary files with the privileges of the user running the affected script. ## Versions: ## apachetop = 0.12.5 ## Solution: ## Apply : apachetop_CAN-2005-2660.patch Patch from Steve Kemp (Debian) http://bugs.gentoo.org/attachment.cgi?id=69342 # Timeline: # Discovered : 2005-09-02 Vendor notified : 2005-09-02 Vendor response : no reponse Vendor fix : no patch Vendor Sec report ([EMAIL PROTECTED]) : 2005-09-13 Disclosure : 2005-09-30 # Technical details : # Vulnerable code : - ake a look at : src/apachetop.h 247 #define DEBUG_OUTPUT /tmp/atop.debug Then in : src/apachetop.cc 85 cf.debug = true; 1103 int dprintf(const char *fmt, ...) /* {{{ */ 1104 { 1105 FILE *d; 1106 va_list args; 1107 1108 if (cf.debug (d = fopen(DEBUG_OUTPUT, a))) 1109 { 1110 va_start(args, fmt); vfprintf(d, fmt, args); 1112 fclose(d); 1113 va_end(args); 1114 } 1115 1116 return 0; 1117 } /* }}} */ # Related : # Bug report : http://bugs.gentoo.org/show_bug.cgi?id=104473 CVE : CAN-2005-2660 # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) - Gentoo security scout Thxs to Gentoo Security Team. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] ncompress insecure temporary file creation
# ncompress insecure temporary file creation Vendor: ftp://ftp.leo.org/pub/comp/os/unix/linux/sunsite/utils/compress/ Advisory: http://www.zataz.net/adviso/ncompress-09052005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low # The vulnerability is caused due to temporary file being created insecurely. This can be exploited via symlink attacks in combination with a race condition to create and overwrite arbitrary files with the privileges of the user running the affected script. Secunia has reported that D1g1t4lLeech has discovered this bug the 2005-09-16 ZATAZ Audit has discovered this bug the 2005-09-05 D1g1t4lLeech is a true Leecher :) Gentoo Security take care on your IRC Channel, spy everywhere. ## Versions: ## ncompress = 4.2.4-r1 ## Solution: ## To prevent symlink attack use kernel patch such as grsecurity # Timeline: # Discovered : 2005-09-05 Vendor notified : 2005-09-05 Vendor response : no reponse Vendor fix : no patch Vendor Sec report ([EMAIL PROTECTED]) : Disclosure : # Technical details : # ncompress use vulnerable version off zdiff and zcmp. # Related : # Secunia : http://secunia.com/advisories/13131/ CVE : CAN-2004-0970 # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) Thxs to Gentoo Security Team. (Taviso, jaervosz, solar, Koon, etc.) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Message for D1g1t4lLeech ZATAZ Audit has discovered this bug the 2005-09-05 D1g1t4lLeech you are a true Leecher ;)
Hello Mister D1g1t4lLeech, You are not able to find by yourself security holes ;) So you leech other people research. Go back to you kazaa leech. Secunia you continu to don't respect vendor release date ;) Bye ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] gtkdiskfree insecure temporary file creation
# gtkdiskfree insecure temporary file creation Vendor: http://gtkdiskfree.tuxfamily.org/ (no more avaible) Advisory: http://www.zataz.net/adviso/gtkdiskfree-09052005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low # The vulnerability is caused due to temporary file being created insecurely. This can be exploited via symlink attacks to create and overwrite arbitrary files with the privileges of the user running the affected script. ## Versions: ## gtkdiskfree = 1.9.3 ## Solution: ## To prevent symlink attack use kernel patch such as grsecurity # Timeline: # Discovered : 2005-09-02 Vendor notified : 2005-09-05 Vendor response : no reponse Vendor fix : no patch Vendor Sec report ([EMAIL PROTECTED]) : 2005-09-05 Disclosure : 2005-09-15 # Technical details : # Vulnerable code : - Take a look at : src/mount.h 23 #define TUBE_NAME/tmp/gtkdiskfree Then to : src/mount.c 32 open_cmd_tube (const gchar *cmd, const gchar *mount_point) 33 { 34 gint status; 35 gchar error[MAXLINE], *line; 36 FILE *sh, *tmp; 37 38 setbuf(stdout, error); 39 line = g_strconcat(cmd, , mount_point, , TUBE_NAME, NULL); 40 sh = popen(line, r); 41 g_free(line); 42 43 status = pclose(sh); 44 45 if (status == 0) { 46 remove(TUBE_NAME); 47 gui_list_main_update(GTK_TREE_VIEW(list_treeview)); 48 49 return; 50 } else { 51 if ((tmp = fopen(TUBE_NAME, r)) == NULL) { 52 gui_list_main_update(GTK_TREE_VIEW(list_treeview)); 53 54 return; 55 } 56 if (fgets(error, MAXLINE-1, tmp) == NULL) { 57 fclose(tmp); 58 remove(TUBE_NAME); 59 gui_list_main_update(GTK_TREE_VIEW(list_treeview)); 60 61 return; 62 } 63 fclose(tmp); 64 remove(TUBE_NAME); 65 error_window(error); 66 } 67 gui_list_main_update(GTK_TREE_VIEW(list_treeview)); 68 69 return; 70 } # Related : # Bug report : http://bugs.gentoo.org/show_bug.cgi?id=104565 CVE : No CVE # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) - Gentoo Security Scout Thxs to Gentoo Security Team. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] ekg insecure temporary file creation and arbitrary code execution
# ekg insecure temporary file creation and arbitrary code execution Vendor: http://dev.null.pl/ekg/ Advisory: http://www.zataz.net/adviso/ekg-06062005.txt Vendor informed: yes Exploit available: no Impact : high Exploitation : high # The vulnerabilities are caused due to temporary file being created insecurely. This can be exploited via symlink attacks in combination to create and overwrite arbitrary files with the privileges of the user running the affected script and also arbitrary command possible by spiking the temporary file. ## Versions: ## ekg = 2005-06-05 22:03 ## Solution: ## For the symlink attack use kernel patch such as grsecurity # Timeline: # Discovered : 2005-05-27 Vendor notified : 2005-06-06 Vendor response : no response Vendor fix : no fix Vendor Sec report ([EMAIL PROTECTED]) : 2005-06-27 Disclosure : 2005-07-04 # Technical details : # Vulnerable code : - In contrib/scripts/linki.py 95 def czyjest (): 96 if os.path.exists('/tmp/rmrmg_ekg_url'): 97 wejsc= open ('/tmp/rmrmg_ekg_url') 98 file = wejsc.readlines() 99 dlug=len(file) 100 wejsc.close() 101 #ekg.printf(generic, liczno¶æ %d %(dlug)) 102 return file 103 else: 104 return 0 Then 35 def handle_keypress(meta, key): 36 if key == 269: 37 ekg.printf(generic, wci¶nieto F5) 38 nurl=czyjest() 39 if nurl == 0: 40 ekg.printf(generic, nie ma zadnego adresu URL) 41 else: 42 dlug=len(nurl) 43 if dlug == 1: 44 ekg.printf(generic, otwieram %s w nowej zak³adce %(nurl[0])) 45 os.system(MozillaFirebird -remote 'openURL(%s,new-tab)' %(nurl[0])) 46 os.system('rm /tmp/rmrmg_ekg_url') 47 else: 48 ekg.printf(generic, linków mam %d %(dlug)) 49 wielejest(nurl) 50 ekg.printf(generic, otwieram %s w nowej zak³adce %(nurl[0])) 51 os.system(MozillaFirebird -remote 'openURL(%s, new-tab)' %(nurl[0])) 52 elif key == 270: 53 ekg.printf(generic, wcisniêto F6) 54 nurl=czyjest() 55 if nurl == 0: 56 ekg.printf(generic, nic nie moge skasowaæ - nie mazadnego adresu URL) 57 else: 58 dlug=len(nurl) 59 if dlug == 1: 60 ekg.printf(generic, kasuje adres %s %(nurl[0])) 61 os.system('rm /tmp/rmrmg_ekg_url') 62 else: 63 ekg.printf(generic, jest wiele linków) 64 wielejest(nurl) 65 ekg.printf(generic, kasuje pierwszy czyli: %s%(nurl[0])) 66 elif key == 271: 67 ekg.printf(generic, wcisniêto F7) 68 nurl=czyjest() 69 if nurl == 0: 70 ekg.printf(generic, nie ma zadnego adresu URL) 71 else: 72 dlug=len(nurl) 73 if dlug == 1: 74 ekg.printf(generic, otwieram %s w nowym oknie%(nurl[0])) 75 os.system(MozillaFirebird %s %(nurl[0])) 76 os.system('rm /tmp/rmrmg_ekg_url') 77 else: 78 ekg.printf(generic, linków mam %d %(dlug)) 79 wielejest(nurl) 80 ekg.printf(generic, otwieram %s w nowym oknie%(nurl[0])) 81 elif key == 272: 82 ekg.printf(generic, wcisniêto F8) 83 nurl=czyjest() 84 ekg.printf(generic, F5 - otwiera w nowej zak³adce; F7 wnowym oknie, a F6 kasuje, wszystko tyczy siê pierwszej pozycji zlisty) 85 if nurl == 0: 86 ekg.printf(generic, nie ma zadnego adresu URL) 87 else: 88 dlug=len(nurl) 89 ekg.printf(generic, linków mam %d oto one: %(dlug)) 90 for po in nurl: 91 ekg.printf(generic, %s %(po)) 92 return 1 # Related : # Gentoo Bugs report : http://bugs.gentoo.org/show_bug.cgi?id=94172 CVE : CAN-2005-1916 # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) Thxs to Gentoo Security Team. (Taviso, jaervosz, solar, tigger, etc.) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] kpopper insecure temporary file creation
# kpopper insecure temporary file creation Vendor: http://kpopper.sourceforge.net/ Advisory: http://www.zataz.net/adviso/kpopper-06152005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low # The vulnerability is caused due to temporary file being created insecurely. This can be exploited via symlink attacks in combination to create and overwrite arbitrary files with the privileges of the user running the affected script. ## Versions: ## kpopper = 1.0 ## Solution: ## To prevent symlink attack use kernel patch such as grsecurity # Timeline: # Discovered : 2005-06-13 Vendor notified : 2005-06-15 Vendor response : no reponse Vendor fix : no fix Vendor Sec report ([EMAIL PROTECTED]) : 2005-06-27 Disclosure : 2005-07-04 # Technical details : # Vulnerable code : - popper/popper-send.sh #!/bin/sh echo $2 /tmp/.popper-new echo `date +%a %l:%m %p` /tmp/.popper-new cat $1 /tmp/.popper-new mv -f /tmp/.popper-new /tmp/.popper The .popper is also used into : popper/popper.cpp # Related : # Bug report : http://bugs.gentoo.org/show_bug.cgi?id=94475 CVE : CAN-2005-1917 # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) Thxs to Gentoo Security Team. (Taviso, jaervosz, solar, etc.) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] log4sh insecure temporary file creation
# log4sh insecure temporary file creation Vendor: http://forestent.com/products/log4sh/ Advisory: http://www.zataz.net/adviso/log4sh-06092005.txt Vendor informed: yes Exploit available: no Impact : low Exploitation : low # The vulnerabilities are caused due to temporary file being created insecurely. This can be exploited via symlink attacks in combination to create and overwrite arbitrary files with the privileges of the user running the affected script. ## Versions: ## log4sh = 1.2.5 ## Solution: ## Use kernel patch such as grsecurity # Timeline: # Discovered : 2005-05-26 Vendor notified : 2005-06-09 Vendor response : no reponse Vendor fix : no fix Vendor Sec report ([EMAIL PROTECTED]) : 2005-06-27 Disclosure : 2005-07-04 # Technical details : # Vulnerable code : - 356 log4sh_readProperties() 357 { 358 _file=$1 359 360 _tmpFile=/tmp/log4sh.$$ 361 grep ^log4sh\. $_file $_tmpFile # Related : # Gentoo Bugs report : http://bugs.gentoo.org/show_bug.cgi?id=94069 # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) Thxs to Gentoo Security Team. (Taviso, jaervosz, solar, tigger, etc.) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] GIPTables Firewall = v1.1 insecure temporary file creation
# GIPTables Firewall insecure temporary file creation Vendor: http://www.giptables.org/ Advisory: http://www.zataz.net/adviso/giptables-05222005.txt Vendor informed: yes Exploit available: yes Impact : medium Exploitation : low # The vulnerability is caused due to temporary file being created insecurely. This can be exploited via symlink attacks in combination with a race condition to create and overwrite arbitrary files with the privileges of the user running the affected script. It is also possible to cause a Denial of Service by manipulating the ip adresses present into the temporary file The exploitation require that the root configure or reconfigure his firewall rules. ## Versions: ## GIPTables Firewall = v1.1 ## Solution: ## non solution yet. # Timeline: # Discovered : 2005-05-22 Vendor notified : 2005-05-22 Vendor response : no response Vendor fix : no fix Disclosure : 2005-06-06 # Technical details : # Vulnerable code : - - - # Network Ghouls [ $NETWORK_GHOULS == yes ] \ [ $DEBUG = on ] echo -e \n# Network Ghouls if [ $NETWORK_GHOULS == yes ] [ -f $GIPTABLES_BLOCKED_FILE ]; then deny_file=$GIPTABLES_BLOCKED_FILE temp_file=/tmp/temp.ip.addresses cat $deny_file | sed -n -e s/^[ ]*\([0-9.]*\).*$/\1/p | awk ' $1 ' $temp_file while read ip_addr do drop_ipaddr interface0_in source $ip_addr \ drop_ipaddr interface0_out destination $ip_addr [ -n $INTERFACE1 ] \ drop_ipaddr interface1_in source $ip_addr \ drop_ipaddr interface1_out destination $ip_addr [ -n $INTERFACE1 ] \ drop_ipaddr network1_in source $ip_addr \ drop_ipaddr network1_out destination $ip_addr done $temp_file rm -f $temp_file /dev/null 21 unset temp_file unset deny_file fi # Related : # nothing related ## Possible fix : ## deny_file=$GIPTABLES_BLOCKED_FILE if mkdir /tmp/.giptables.$$; then chmod 700 /tmp/.giptables.$$ temp_file=/tmp/.giptables.$$/temp.ip.addresses else echo $Error: failed to create temporary file 12 exit 1 fi temp_file=/tmp/.giptables.$$/temp.ip.addresses # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] LutelWall = 0.97 insecure temporary file creation
# LutelWall insecure temporary file creation Vendor: http://firewall.lutel.pl/index.php Advisory: http://www.zataz.net/adviso/lutelwall-05222005.txt Vendor informed: yes Exploit available: yes Impact : medium Exploitation : low # The vulnerability is caused due to temporary file being created insecurely. This can be exploited via symlink attacks to create and overwrite arbitrary files with the privileges of the user running the affected script. The exploitation require that the root try to update the software. ## Versions: ## LutelWall = 0.97 ## Solution: ## non solution yet. # Timeline: # Discovered : 2005-05-22 Vendor notified : 2005-05-22 Vendor response : none Vendor fix : no fix Disclosure : 2005-06-06 # Technical details : # Vulnerable code : - # Prefix of temporary firewall files tmp='/tmp/lutelwall' new_version_check () { # Check for new version of script if [ `wget -V 21 /dev/null` ]; then message 3 Warrning: Wget is required to check for updates. else new_ver=`wget -C off -O - -q -t 1 -T 3 -w 3 -U \`uname -a 21\` http://firewall.lutel.pl/ver` if [ `echo $current_version | gawk '{ gsub(\\\.,) ; print 1$0 }'` -lt `echo $new_ver | gawk '{ gsub(\\\.,) ; print 1$0 }'` ]; then echo -e \nThere is newer version of LutelWall (${new_ver}) echo -n Changes since previous version: echo `wget -C off -O $tmp-newfeat -q -t 1 -T 3 -w 3 http://firewall.lutel.pl/FEATURES-${new_ver}` cat $tmp-newfeat echo Do you want to update [y/N]? read -s -t 5 -n 1 ln if [ $ln = 'y' -o $ln = 'Y' ]; then wget -O $tmp-script -q -T 3 http://firewall.lutel.pl/lutelwall cat $tmp-script $0 rm -rf $tmp-script echo Your firewall is up to date, exiting after update! exit else message 5 Update aborted fi else message 5 LutelWall is up-to-date fi; fi; } # Related : # nothing related # Credits : # Eric Romang ([EMAIL PROTECTED] - ZATAZ Audit) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/