CVE-2010-2064

Summary

rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr.

Affected Software

VendorProductVersion RangeStatus
rpcbindrpcbind0.2.0affected

Weaknesses

  • Insecure (predictable) temporary file use

ADP Enrichment

CVE Program Container

Additional References

References