Debian 'linux-patch-openswan' Insecure Temporary File Creation Vulnerabilities

Debian 'linux-patch-openswan' Insecure Temporary File Creation Vulnerabilities

Debian 'linux-patch-openswan' creates temporary files in an insecure manner.

An attacker with local access could potentially exploit these issues to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Debian 'linux-patch-openswan' 2.4.12+dfsg-1.1 is vulnerable; other versions may also be affected.