Bugs - CSF

Configserver Firewall (CSF)

#	VER	L/R	AUTH	S	REPORTED	TYPE	DESCRIPTION
01	2.66	L	N	Y	04/17/2007	shell invocation	`file -i` ran as root on user controlled filenames
02	2.67	L	N	Y	04/18/2007	shell invocation	`/bin/tar` ran as root on user controlled filenames
03	2.67	L	Y	N	04/18/2007	permissions	non-root permissions on init script
04	2.67	R	N	Y	unreported	shell invocation	remote command execution as root (LF_HTACCESS)
05	2.67	R	N	Y	unreported	shell invocation	remote command execution as root (LF_HTACCESS)
06	2.67	R	N	Y	unreported	shell invocation	remote command execution as root (LF_MODSEC)
07	2.76	L	N	Y	06/11/2007	shell invocation	insecure perl open() call as root on user controlled filename
08	2.76	R	N	Y	06/11/2007	design issue	remotely block any IP address (pure-ftpd regexp)
09	3.28	R	N	Y	05/18/2008	design issue	remotely block any IP address (smtpauth regexp)
10	3.28	R	N	Y	05/18/2008	design issue	remotely block any IP address (pop3d regexp)
11	3.28	R	N	Y	05/18/2008	design issue	remotely block any IP address (imapd regexp)
12	3.28	R	N	Y	05/18/2008	design issue	remotely block any IP address (modsec v1 regexp)
13	3.28	R	N	Y	05/18/2008	design issue	remotely block any IP address (modsec v2 regexp)
14	3.28	R	N	Y	05/18/2008	design issue	remotely block any IP address (apache 1.x htaccess regexp)
15	3.28	R	N	Y	05/18/2008	design issue	remotely block any IP address (apache 2.x htaccess regexp)
16	3.28	L	N	Y	05/18/2008	design issue	local users can disable LFD, disrupt CSF functionality
17	3.28	R	N	Y	05/18/2008	design issue	remotely DoS any host running CSF
18	5.22	R	N	Y	05/??/2011	shell invocation	remote command execution as root

Trivial	very minor issues
Low	XSS, info leaks
Medium	destructive actions, access others' accounts
High	local root (auth required), /root/.accesshash, /etc/shadow access
Less Critical	local root (no auth required)
Critical	remote root (no auth required)
L/R	Local/Remote
Auth	Authentication required
S	Bug found via source code review