Published: 29 October 2019
rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr.
CVSS 3 base score: 7.1
init script converted to upstart job in oneiric, use of statedir may not have been translated over; likely mitigated by YAMA
upstart job in precise+ looks ok