Vulnerability Details : CVE-2011-1920
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk.
Products affected by CVE-2011-1920
- cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ihji:pmake:1.111:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1920
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 19 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1920
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:L/AC:M/Au:N/C:N/I:P/A:P |
3.4
|
4.9
|
NIST |
CWE ids for CVE-2011-1920
-
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1920
-
https://bugzilla.redhat.com/show_bug.cgi?id=705090
705090 – pmake: Use of insecure temporary file for 'depend' targetExploit;Patch
-
http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192&r2=1.193&f=h
src/share/mk/bsd.prog.mk - diff - 1.193Patch
-
http://openwall.com/lists/oss-security/2011/05/16/8
oss-security - Re: CVE Request -- pmake -- Use of insecure temporary file for 'depend' targetPatch
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673
#626673 - pmake: insecure temporary files - Debian Bug report logsExploit;Patch
-
http://openwall.com/lists/oss-security/2011/05/16/2
oss-security - CVE Request -- pmake -- Use of insecure temporary file for 'depend' targetExploit;Patch
-
http://www.securityfocus.com/bid/47878
Pmake Insecure Temporary File Creation Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/67495
Pmake depend symlink CVE-2011-1920 Vulnerability Report
-
https://bugzilla.redhat.com/show_bug.cgi?id=705100
705100 – (CVE-2011-1920) CVE-2011-1920 mk-files: insecure temporary file usagePatch
-
http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239&r2=1.240&f=h
src/share/mk/bsd.lib.mk - diff - 1.240Patch
Jump to