Download NuFW 2.0.4/1.0.27
The NuFW program is an extensive firewall that can filter each connection based on the user’s rights and the operating system used. It uses an ldap server to check the granted permissions and Netfilter to apply the set filtering technique. For more information about NuFW, please refer to this page. The developers have released version 2.0.4 and 1.0.27 with the following announcement:
NuFW 2.0.4, “astonished porcupine”, has been released to fix a potential security problem on the authentication server (nuauth).
INL’s internal study has shown that an authenticated user could be able to bring nuauth down by sending a particularly well crafted packet with a hacked NuFW client. This bug is not known to be exploitable for something else than crashing the server.
NuFW core team recommends all users to upgrade their nuauth installation.
This bug also applies to branch 1.0 of NuFW and NuFW 1.0.27 has been released to fix this issue.
Full changelog for 2.0.4 is as follow:
- fix denial of service from authenticated users
- cleanly exit from nuauth when launched twice
- accept IPv4 packet with no payload
Version number | 2.0.4/1.0.27 |
Operating systems | Linux |
Website | NuFW |
Download | |
License type | GPL |