CVE-2006-6939
GNU ed < 0.3 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
Title source: llmDescription
GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.
References (13)
Core 13
Core References
Various Sources x_refsource_confirm
http://freshmeat.net/projects/ed/?branch_id=17855&release_id=240890
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30374
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:023
Vendor Advisory vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2007/0005
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23832
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23857
Mailing List vendor-advisory
x_refsource_fedora
http://fedoranews.org/cms/node/2449
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23848
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22129
Mailing List vendor-advisory
x_refsource_fedora
http://fedoranews.org/cms/node/2450
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24054
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4573
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-962
Scores
EPSS
0.0010
EPSS Percentile
27.1%
Details
Status
published
Products (1)
gnu/ed
< 0.2
Published
Jan 17, 2007
Tracked Since
Feb 18, 2026