Pine < 4.63 rpdump Symlink Arbitrary File Overwrite
Low Nessus Network Monitor Plugin ID 2814
SynopsisThe remote host is vulnerable to a local flaw in the way that it creates temporary files.
DescriptionPine versions 4.62 and below suffer from a vulnerability with the rpdump utility. Rpdump ships with Pine by default. This version of rpdump is vulnerable to a local file-access race condition. An attacker exploiting this flaw would need local access to the machine as well as the knowledge of when a user was using rpdump. Successful exploitation results in elevation of privileges.
SolutionUpgrade to version 4.63 or higher.