Описание
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
Дополнительная информация
Статус:
Important
https://bugzilla.redhat.com/show_bug.cgi?id=599697rpcbind: Insecure (predictable) temporary file use
6.6 Medium
CVSS2
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
CVSS3: 7.8
nvd
больше 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
CVSS3: 7.8
debian
больше 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) ...
CVSS3: 7.8
github
почти 4 года назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
6.6 Medium
CVSS2