Description
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
Affected products
- engardelinux / secure_linux1.0.1 – 1.0.1
- immunix / immunix7.0 – 7.0
- immunix / immunix7.0_beta – 7.0_beta
- immunix / immunix6.2 – 6.2
- mandrakesoft / mandrake_linux7.2 – 7.2
- mandrakesoft / mandrake_linux7.1 – 7.1
- mandrakesoft / mandrake_linux8.0 – 8.0
- mandrakesoft / mandrake_linux_corporate_server1.0.1 – 1.0.1
- RedHat / linux7.0 – 7.0
- RedHat / linux5.2 – 5.2
- RedHat / linux6.2 – 6.2
- university_of_washington / pine4.33
References
- MAILING_LISThttp://marc.info/?l=bugtraq&m=98749102621604&w=2
- MAILING_LISThttp://marc.info/?l=bugtraq&m=99106787825229&w=2
- MISChttp://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0
- MISChttp://www.redhat.com/support/errata/RHSA-2001-042.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/6367