Security Information / 2011 / Security Information -- DSA-2147-1 pimd

Debian Security Advisory

DSA-2147-1 pimd -- insecure temporary files

Date Reported:

16 Jan 2011

Affected Packages:

pimd

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2011-0007.

More information:

Vincent Bernat discovered that pimd, a multicast routing daemon, creates files with predictable names upon the receipt of particular signals.

For the stable distribution (lenny), this problem has been fixed in version 2.1.0-alpha29.17-8.1lenny1.

The testing distribution (squeeze) and the unstable distribution (sid) will receive updates shortly.

We recommend that you upgrade your pimd packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/