CVE-2010-1161

Currently unrated

Key Information:

Vendor: Gnu
Status: Nano
Vendor: CVE Published:; 16 April 2010

Summary

Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.

References

http://lists.gnu.org/archive/html/nano-devel/2010-04/msg0...

mailing-listx_refsource_MLIST

http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?r...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2010/04/14/4

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Apr 16, 2010
Vulnerability Reserved
Mar 29, 2010