Gentoo Security Advisory GLSA 200909-10 (lmbench) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200909-10.

Solution

LMBench has been removed from Portage. We recommend that users unmerge LMBench: # emerge --unmerge app-benchmarks/lmbench http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200909-10 http://bugs.gentoo.org/show_bug.cgi?id=246015

Insight

Multiple insecure temporary file usage issues have been reported in LMBench, allowing for symlink attacks.

Severity

Classification

CVE CVE-2008-4968

CVSS	Base Score: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200411-18 (apache)
Gentoo Security Advisory GLSA 200407-12 (Kernel)
Gentoo Security Advisory GLSA 200408-18 (xine-lib)
Gentoo Security Advisory GLSA 200312-05 (GnuPG)
Gentoo Security Advisory GLSA 200502-11 (mailman)

Take action and discover your vulnerabilities