Описание
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
Дополнительная информация
Статус:
Important
https://bugzilla.redhat.com/show_bug.cgi?id=599697rpcbind: Insecure (predictable) temporary file use
EPSS
Процентиль: 19%
0.00061
Низкий
6.6 Medium
CVSS2
Связанные уязвимости
CVSS3: 7.8
ubuntu
около 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
CVSS3: 7.8
nvd
около 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
CVSS3: 7.8
debian
около 6 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) ...
CVSS3: 7.8
github
больше 3 лет назад
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
EPSS
Процентиль: 19%
0.00061
Низкий
6.6 Medium
CVSS2