CVE-2011-1920

🗓️ 23 May 2011 22:00:00Reported by redhatType

The make include files in NetBSD before 1.6.2 allow local users to overwrite arbitrary files via symlink attack on a temporary file in /tmp

Reporter	Title	Published	Views	Family All 14
Cvelist	CVE-2011-1920	23 May 201122:00	–	cvelist
EUVD	EUVD-2011-1918	7 Oct 202500:30	–	euvd
Tenable Nessus	GLSA-201310-17 : pmake: Insecure temporary file usage	29 Oct 201300:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : pmake (MDVSA-2013:271)	22 Nov 201300:00	–	nessus
Tenable Nessus	RHEL 4 : pmake (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2011-1920	3 Mar 202500:00	–	nessus
Gentoo Linux	pmake: Insecure temporary file usage	28 Oct 201300:00	–	gentoo
Mageia	Updated pmake packages fix CVE-2011-1920	20 Nov 201320:26	–	mageia
NVD	CVE-2011-1920	23 May 201122:55	–	nvd
OpenVAS	Gentoo Security Advisory GLSA 201310-17	29 Sep 201500:00	–	openvas

NVD

Node

netbsd netbsdRange≤1.6.1

AND

ihji pmakeMatch1.111

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
openwall	www.openwall.com/lists/oss-security/2011/05/16/8
cvsweb	www.cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff
bugs	www.bugs.debian.org/cgi-bin/bugreport.cgi
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/67495
openwall	www.openwall.com/lists/oss-security/2011/05/16/2
securityfocus	www.securityfocus.com/bid/47878
cvsweb	www.cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

29 Apr 2026 01:13Current

6.3Medium risk

Vulners AI Score6.3

CVSS 23.3

EPSS0.00054