PT-2010-2875 · Gnu+1 · Gnu Nano+1

Dan Rosenberg

Published

2010-04-16

Updated

2024-06-15

CVE-2010-1161

CVSS v2.0

3.7

Low

Vector

AV:L/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions GNU nano versions prior to 2.2.4

Description A race condition exists when GNU nano is run by root to edit a file not owned by root, allowing local user-assisted attackers to change the ownership of arbitrary files through vectors related to the creation of backup files.

Recommendations For versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2010-1161

OPENSUSE-SU-2024:10435-1

Affected Products

Gnu Nano

Nano

PT-2010-2875 · Gnu+1 · Gnu Nano+1

CVE-2010-1161

Weakness Enumeration

Related Identifiers

Affected Products

References · 13