Lucene search
HistoryMay 07, 2001 - 4:00 a.m.
CVE-2001-0289
information security
cve-2001-0289
joe editor
privilege escalation
trojan
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%
Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory.
Affected configurations
Node
joseph_allenjoeMatch2.8
| CPE | Name | Operator | Version |
|---|---|---|---|
| joseph_allen:joe | joseph allen joe | eq | 2.8 |
Related
openvas
openvas
Debian Security Advisory DSA 041-1 (joe)
2008-01-17 00:00:00
Debian Security Advisory DSA 041-1 (joe)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-041-1 : joe - local exploit
2004-09-29 00:00:00
Mandrake Linux Security Advisory : joe (MDKSA-2001:026)
2012-09-06 00:00:00
cvelist
cvelist
CVE-2001-0289
2001-05-07 04:00:00
nvd
nvd
CVE-2001-0289
2001-05-03 04:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2001-0289