pmount: insecure temporary file
| Package(s): | pmount |
CVE #(s): | CVE-2010-2192
|
| Created: | June 18, 2010 |
Updated: | June 23, 2010 |
| Description: |
From the Debian advisory:
Dan Rosenberg discovered that pmount, a wrapper around the standard mount
program which permits normal users to mount removable devices without a
matching /etc/fstab entry, creates files in /var/lock insecurely.
A local attacker could overwrite arbitrary files utilising a symlink attack.
|
| Alerts: |
| Gentoo |
201412-08 |
insight, perl-tk, sourcenav, tk, partimage, bitdefender-console, mlmmj, acl, xinit, gzip, ncompress, liblzw, splashutils, m4, kdm, gtk+, kget, dvipng, beanstalkd, pmount, pam_krb5, gv, lftp, uzbl, slim, iputils, dvbstreamer |
2014-12-11 |
| Debian |
DSA-2063-1 |
pmount |
2010-06-17 |
|
