Red Hat Bugzilla – Bug 164639
CAN-2005-1740 net-snmp insecure temporary file usage
Last modified: 2007-11-30 17:07:08 EST
+++ This bug was initially created as a clone of Bug #158769 +++
fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely,
which allows local users to modify the contents of those files to execute
arbitrary commands, or overwrite arbitrary files via a symlink attack.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.