Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0289

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2001-0289
Last Modified 05 Sep 2008 04:23:44
Published 03 May 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0289

Summary

Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory.

Vulnerable Systems

Application

  • Joseph Allen Joe 2.8


References

MANDRAKE - MDKSA-2001:026

DEBIAN - DSA-041

BUGTRAQ - 20010228 Joe's Own Editor File Handling Error

REDHAT - RHSA-2001:024


Last Updated: 27 May 2016 10:36:12