mirrorselect prior to 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote malicious users to overwrite arbitrary files via a symlink attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gentoo mirrorselect 0.81 |
||
gentoo mirrorselect 0.82 |
||
gentoo mirrorselect 0.83 |
||
gentoo mirrorselect 0.84 |
||
gentoo mirrorselect 0.85 |
||
gentoo mirrorselect 0.86 |
||
gentoo mirrorselect 0.80 |
||
gentoo mirrorselect 0.87 |
||
gentoo mirrorselect 0.88 |