Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1178

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2000-1178
Last Modified 05 Sep 2008 04:22:50
Published 09 Jan 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-1178

Summary

Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.

Vulnerable Systems

Application

  • Joseph Allen Joe 2.8


References

BID - 1959

BUGTRAQ - 20001116 Joe's Own Editor File Link Vulnerability

XF - joe-symlink-corruption(5546)

REDHAT - RHSA-2000:110

MANDRAKE - MDKSA-2000:072

DEBIAN - 20001201 DSA-003-1 joe: symlink attack

BUGTRAQ - 20001121 Immunix OS Security update for joe

CONECTIVA - CLA-2000:356


Last Updated: 27 May 2016 10:36:03