Vulnerability Name: | CVE-2001-0736 (CCN-6367) | ||||||||
Assigned: | 2001-04-09 | ||||||||
Published: | 2001-04-09 | ||||||||
Updated: | 2017-12-19 | ||||||||
Summary: | Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: MITRE Type: CNA CVE-2001-0736 Source: CCN Type: Immunix OS Security Advisory IMNX-2001-70-015-01 pine Source: BUGTRAQ Type: UNKNOWN 20010416 Immunix OS Security update for pine Source: BUGTRAQ Type: UNKNOWN 20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities Source: CCN Type: RHSA-2001-042 Updated pine packages available Source: MANDRAKE Type: Patch, Vendor Advisory MDKSA-2001:047 Source: CCN Type: EnGarde Secure Linux Security Advisory ESA-20010509-01 pine temporary file handling vulnerabilitie Source: CCN Type: OSVDB ID: 11765 pico Symlink Arbitrary File Overwrite Source: REDHAT Type: Patch, Vendor Advisory RHSA-2001:042 Source: XF Type: UNKNOWN pine-tmp-file-symlink(6367) Source: XF Type: UNKNOWN pine-tmp-file-symlink(6367) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |