2 matches found
CVE-2010-1160
GNU nano before 2.2.4 is vulnerable: a file is overwritten during save without verifying the destination file change, enabling a local user-assisted symlink attack to overwrite an attacker-owned file. Impact: local privilege or integrity risk when editing files. Affected component: nano (pre-2.2....
CVE-2010-1161
The CVE-2010-1161 entry documents a race condition in GNU nano prior to 2.2.4. When nano is run by root to edit a file not owned by root, a local user can influence the creation of backup files to change ownership of arbitrary files. This is a local, user-initiated vulnerability with partial inte...