Symlink Vulnerability in GNU ed Affects Multiple Linux Distros
CVE-2000-1137

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
9 January 2001

Summary

The vulnerability in GNU ed prior to version 0.2-18.1 allows local attackers to exploit symlink attacks, potentially leading to the unauthorized overwriting of files belonging to other users. This occurs when the vulnerable version does not properly handle symbolic links, giving malicious users the opportunity to create links pointing to sensitive files. As a result, any user with access to the vulnerable ed command can compromise the integrity of files across the system.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.