iscsi_discovery in open-iscsi could be made to overwrite files as the administrator.
Colin Watson discovered that iscsi_discovery in Open-iSCSI did not safely create temporary files. A local attacker could exploit this to to overwrite arbitrary files with root privileges.
20 October 2011
A security issue affects these releases of Ubuntu and its derivatives:
iscsi_discovery in open-iscsi could be made to overwrite files as the administrator.
Colin Watson discovered that iscsi_discovery in Open-iSCSI did not safely create temporary files. A local attacker could exploit this to to overwrite arbitrary files with root privileges.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.