pimd symbolic links vulnerability - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

pimd symbolic links vulnerability
Published: 19.01.2011
Source: BUGTRAQ
SecurityVulns ID: 11363
Type: local
Level: 4/10
Description: Symbolic links vulnerability on signals processing.

CVE: CVE-2011-0007 (pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent.)

Original document DEBIAN, [SECURITY] [DSA 2147-1] Security update for pimd (19.01.2011)

Discuss: Read or add your comments to this news (0 comments)