CVE-2001-0736

Pine <4.33 - Local Privilege Escalation

Title source: llm

Description

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mat · bashlocallinux

https://www.exploit-db.com/exploits/20493

View Code ZIP pw:eip

References (5)

[Mailing List] http://marc.info/?l=bugtraq&m=98749102621604&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=99106787825229&w=2

[Patch, Vendor Advisory] http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0

[Patch, Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2001-042.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6367

Scores

EPSS 0.0017

EPSS Percentile 38.6%

Details

Status published

Products (12)

engardelinux/secure_linux 1.0.1

immunix/immunix 6.2

immunix/immunix 7.0

immunix/immunix 7.0_beta

mandrakesoft/mandrake_linux 7.1

mandrakesoft/mandrake_linux 7.2

mandrakesoft/mandrake_linux 8.0

mandrakesoft/mandrake_linux_corporate_server 1.0.1

redhat/linux 5.2

redhat/linux 6.2

... and 2 more

Published Oct 18, 2001

Tracked Since Feb 18, 2026