Symlink Vulnerability in GNU ed Affects Multiple Linux Distros
CVE-2000-1137
Currently unrated
Summary
The vulnerability in GNU ed prior to version 0.2-18.1 allows local attackers to exploit symlink attacks, potentially leading to the unauthorized overwriting of files belonging to other users. This occurs when the vulnerable version does not properly handle symbolic links, giving malicious users the opportunity to create links pointing to sensitive files. As a result, any user with access to the vulnerable ed command can compromise the integrity of files across the system.
References
Timeline
Vulnerability published
Vulnerability Reserved