Local File Overwrite Vulnerability in GNU ed from GNU
CVE-2006-6939

Currently unrated

Key Information:

Vendor: Gnu
Status: Ed
Vendor: CVE Published:; 17 January 2007

What is CVE-2006-6939?

GNU ed, prior to version 0.3, is susceptible to a local file overwrite vulnerability that arises from improper handling of temporary files. This can be exploited through a symlink attack, where a local user can create symbolic links to overwrite arbitrary files on the system, which poses a significant security risk. Ensuring the update to the latest version is vital to mitigate potential exploits.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30374

vdb-entryx_refsource_XF

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.trustix.org/errata/2007/0005

vendor-advisoryx_refsource_TRUSTIX

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 17, 2007
Vulnerability Reserved
Jan 16, 2007

Gnu

What is CVE-2006-6939?

References

Timeline