GLSA-201310-11 : Perl Parallel-ForkManager Module: Insecure temporary file usage
Low Nessus Plugin ID 70487
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201310-11 (Perl Parallel-ForkManager Module: Insecure temporary file usage)
The Perl Parallel-ForkManager module does not handle temporary files securely.
A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application.
There is no known workaround at this time.
SolutionAll Parallel-ForkManager users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-perl/Parallel-ForkManager-1.20.0'