Lucene search

[email protected]CVE-2000-1137

HistoryJan 09, 2001 - 5:00 a.m.

CVE-2000-1137

2001-01-0905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-1137

gnu ed

local user

overwrite

symlink attack

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.

CPENameOperatorVersion
gnu:edgnu edeq2.18
gnu:edgnu edeq2.16tr
gnu:edgnu edeq2.15
gnu:edgnu edeq2.18.0

CPE	Name	Operator	Version
gnu:ed	gnu ed	eq	2.18
gnu:ed	gnu ed	eq	2.16tr
gnu:ed	gnu ed	eq	2.15
gnu:ed	gnu ed	eq	2.18.0

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359

www.debian.org/security/2000/20001129

www.linux-mandrake.com/en/security/MDKSA-2000-076.php3

www.osvdb.org/6491

www.redhat.com/support/errata/RHSA-2000-123.html

exchange.xforce.ibmcloud.com/vulnerabilities/5723

Social References

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2000-1137

nessus2 openvas2 gentoo1