Lucene search
Gentoo FoundationMGASA-2013-0331HistoryNov 21, 2013 - 12:26 a.m.
Updated pmake packages fix CVE-2011-1920
2013-11-2100:26:06
Gentoo Foundation
advisories.mageia.org
7
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
9.8%
Updated pmake package fixes security vulnerability: The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk (CVE-2011-1920).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 2 | noarch | pmake | < 1.45-10.1 | pmake-1.45-10.1.mga2 |
| Mageia | 3 | noarch | pmake | < 1.45-11.1 | pmake-1.45-11.1.mga3 |
Related
prion
prion
Design/Logic Flaw
2011-05-23 22:55:00
ubuntucve
ubuntucve
CVE-2011-1920
2011-05-23 00:00:00
gentoo
gentoo
pmake: Insecure temporary file usage
2013-10-28 00:00:00
cvelist
cvelist
CVE-2011-1920
2011-05-23 22:00:00
nessus
nessus
Mandriva Linux Security Advisory : pmake (MDVSA-2013:271)
2013-11-22 00:00:00
GLSA-201310-17 : pmake: Insecure temporary file usage
2013-10-29 00:00:00
RHEL 4 : pmake (Unpatched Vulnerability)
2024-06-03 00:00:00
nvd
nvd
CVE-2011-1920
2011-05-23 22:55:01
openvas
openvas
Gentoo Security Advisory GLSA 201310-17
2015-09-29 00:00:00
Mageia: Security Advisory (MGASA-2013-0331)
2022-01-28 00:00:00
cve
cve
CVE-2011-1920
2011-05-23 22:55:01
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
9.8%
Related for MGASA-2013-0331