First published: Tue Jan 09 2001(Updated: )
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU ed | =2.18 | |
GNU ed | =2.16tr | |
GNU ed | =2.15 | |
GNU ed | =2.18.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2000-1137 is considered a moderate severity vulnerability due to its potential for local file manipulation.
To fix CVE-2000-1137, upgrade GNU ed to version 2.18 or later.
Local users on systems running affected versions of GNU ed, specifically versions before 0.2-18.1, are at risk from CVE-2000-1137.
CVE-2000-1137 enables local users to conduct symlink attacks to overwrite files of other users.
GNU ed versions 2.15, 2.16tr, and 2.18 (up to but not including 2.18.1) are vulnerable to CVE-2000-1137.