16 matches found
EUVD-2001-0289
Malware in sbrugna...
EUVD-2002-2312
Malware in sbrugna...
CVE-2002-2334
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users...
Joe Text Editor 2.8 .joerc Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2437/info Joe is a text editor originally written by Joseph Allen. Joe offers a user-friendly interface, with key binding and configuration familiar to many users of Microsoft Word Processing tools. A problem in the...
Mandrake Linux Security Advisory : joe (MDKSA-2001:026)
The joe text editor looks for configuration files in the current working directory, the user's home directory, and finally in /etc/joe. A malicious user could create their own .joerc configuration file and attempt to get other users to use it. If this were to happen, the user could potentially...
CVE-2002-2334
CVE-2002-2334 affects Joe text editor versions 2.8–2.9.7. Backup files do not have their group and user setuid bits removed, which could allow local users to execute arbitrary setuid/setgid root programs when root edits scripts owned by other users. The NVD CVSS score is 3.6 (LOW) with local atta...
CVE-2002-2334
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users...
CVE-2002-2334
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users...
CVE-2001-0289
Joe text editor 2.8 searches the current working directory CWD for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory...
CVE-2001-0289
Joe text editor 2.8 searches the current working directory CWD for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory...
Joe Text Editor 2.8 - .joerc Arbitrary Command Execution
Joe Text Editor 2.8 - .joerc Arbitrary Command Execution source: https://www.securityfocus.com/bid/2437/info Joe is a text editor originally written by Joseph Allen. Joe offers a user-friendly interface, with key binding and configuration familiar to many users of Microsoft Word Processing tools....
Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/2437/info Joe is a text editor originally written by Joseph Allen. Joe offers a user-friendly interface, with key binding and configuration familiar to many users of Microsoft Word Processing tools. A problem in the sourcing of the .joerc file could lead ...
CVE-2000-1178
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes...
CVE-2000-1178
The CVE covers the joe text editor, where on abnormal exit it follows symbolic links when creating the rescue file DEADJOE, enabling local attackers to append/overwrite files of other users’ sessions. The core issue is unsafe handling of DEADJOE links during crash/exit, allowing symlink abuse to ...
CVE-2000-1178
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes...
Joe Text Editor DEADJOE Symbolic Link Vulnerability
...