oss-sec mailing list archives

CVE Request -- atop: Symlink attacks via process accounting file


From: Jan Lieskovsky <jlieskov () redhat com>
Date: Tue, 19 Apr 2011 14:58:33 +0200


Hello Josh, Steve, vendors,

  atop v1.23 and earlier created the process accounting file (/tmp/atop.d/atop.acct)
in an insecure way. A local attacker could use this flaw to conduct symlink
attacks (e.g. overwrite arbitrary system files).

References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622794
[2] http://secunia.com/advisories/44175/
[3] https://bugzilla.redhat.com/show_bug.cgi?id=697848

Could you allocate a CVE id for this?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
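
Added example, not part of the original message and not atop's code or its fix: one way to create a file such as /tmp/atop.d/atop.acct so that a symlink planted in advance by another local user is refused rather than followed. The function names are hypothetical, and the constructed scenario runs in a private scratch directory under /tmp.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: create dir/name without following pre-planted links.
 * Returns an open fd, or -1 if the directory or file looks untrustworthy. */
int open_acct_safely(const char *dir, const char *name)
{
    struct stat st;
    int dfd, fd;

    if (mkdir(dir, 0700) != 0 && errno != EEXIST)
        return -1;
    /* O_NOFOLLOW: refuse if the directory itself is a symlink. */
    dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dfd < 0)
        return -1;
    /* Check the opened object, not the path, to avoid a check/use race. */
    if (fstat(dfd, &st) != 0 || st.st_uid != geteuid() ||
        (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(dfd);
        return -1;
    }
    /* O_EXCL fails on any existing entry, including a symlink. */
    fd = openat(dfd, name, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    close(dfd);
    return fd;
}

/* Constructed scenario: a symlink sits where the file is expected.
 * Returns 1 if the open is refused and the link target stays empty. */
int planted_symlink_is_refused(void)
{
    char base[] = "/tmp/acct-demo-XXXXXX", dir[64], victim[64], lnk[80];
    struct stat st;
    if (!mkdtemp(base)) return -1;
    snprintf(dir, sizeof dir, "%s/d", base);
    snprintf(victim, sizeof victim, "%s/victim", base);
    snprintf(lnk, sizeof lnk, "%s/atop.acct", dir);
    if (mkdir(dir, 0700) != 0) return -1;
    close(open(victim, O_WRONLY | O_CREAT, 0600));
    if (symlink(victim, lnk) != 0) return -1;
    int fd = open_acct_safely(dir, "atop.acct");
    return fd < 0 && stat(victim, &st) == 0 && st.st_size == 0;
}
```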


