MidnightBSD

Advisories for ihji

CVE-2011-1920 LOW

The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk.

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,

Products Affected

Vendor Product Version
netbsd netbsd 1.3.1
netbsd netbsd 1.3.3
netbsd netbsd 1.5.1
netbsd netbsd 1.4.1
netbsd netbsd 1.4.3
netbsd netbsd 1.0
netbsd netbsd 1.4
netbsd netbsd 1.2
netbsd netbsd 1.1
netbsd netbsd 1.3
netbsd netbsd 1.5.3
netbsd netbsd 1.4.2
ihji pmake 1.111
netbsd netbsd 1.6
netbsd netbsd 1.3.2
netbsd netbsd 1.5.2
netbsd netbsd 1.5
netbsd netbsd 1.2.1
netbsd netbsd *