CVE-2011-1920
https://notcve.org/view.php?id=CVE-2011-1920
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk. El "make" incluye ficheros en NetBSD anterior a v1.6.2 usados en pmake v1.111 y otros productos, permite a usuarios locales sobreescribir ficheros de su elección a través de un ataque de enlace simbólico sobre un archivo temporal /tmp/_depend#####, relacionado con (1) bsd.lib.mk y (2) bsd.prog.mk. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673 http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239&r2=1.240&f=h http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192&r2=1.193&f=h http://openwall.com/lists/oss-security/2011/05/16/2 http://openwall.com/lists/oss-security/2011/05/16/8 http://www.securityfocus.com/bid/47878 https://bugzilla.redhat.com/show_bug.cgi?id=705090 https://bugzilla • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2001-0916 – SuSE Linux 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0916
Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition. • https://www.exploit-db.com/exploits/21159 http://marc.info/?l=bugtraq&m=100638919720975&w=2 http://www.iss.net/security_center/static/7603.php http://www.securityfocus.com/bid/3573 •
CVE-2001-0915 – SuSE Linux 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Shell Definition Format String
https://notcve.org/view.php?id=CVE-2001-0915
Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition. • https://www.exploit-db.com/exploits/21158 http://marc.info/?l=bugtraq&m=100638919720975&w=2 http://www.iss.net/security_center/static/7602.php http://www.securityfocus.com/bid/3572 •
CVE-2001-1327
https://notcve.org/view.php?id=CVE-2001-1327
pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. • http://www.iss.net/security_center/static/9988.php http://www.turbolinux.com/pipermail/tl-security-announce/2001-May/000313.html •