10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
14.8%
A Gentoo advisory reports:
Net-SNMP creates temporary files in an insecure manner,
possibly allowing the execution of arbitrary code.
A malicious local attacker could exploit a race condition
to change the content of the temporary files before they
are executed by fixproc, possibly leading to the execution
of arbitrary code. A local attacker could also create
symbolic links in the temporary files directory, pointing
to a valid file somewhere on the filesystem. When fixproc
is executed, this would result in the file being
overwritten.