Arbitrary File Overwrite Vulnerability in NetBSD Make Include Files
CVE-2011-1920 · LOW Severity
AV:L/AC:M/AU:N/C:N/I:P/A:P
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk.
Learn more about our User Device Pen Test.