CVE-2010-1161

Published: Apr 16, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[Nano-devel] 20100407 New prerelease for security tweaks

mailing-list

x_refsource_MLIST

http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?revision=4503&root=nano&view=markup

x_refsource_CONFIRM

[oss-security] 20100414 CVE request: GNU nano (minor)

mailing-list

x_refsource_MLIST

1023891

vdb-entry

x_refsource_SECTRACK

http://drosenbe.blogspot.com/2010/03/nano-as-root.html

x_refsource_MISC

39444

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-1161

Description

Affected Products

References