CVE-2006-6939

GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.

🔗 References (26)

• cve@mitrehttp://fedoranews.org/cms/node/2449
• cve@mitrehttp://fedoranews.org/cms/node/2450
• cve@mitrehttp://freshmeat.net/projects/ed/?branch_id=17855&release_id=240890
• cve@mitrehttp://secunia.com/advisories/23832
• cve@mitrehttp://secunia.com/advisories/23848
• cve@mitrehttp://secunia.com/advisories/23857
• cve@mitrehttp://secunia.com/advisories/24054
• cve@mitrehttp://www.mandriva.com/security/advisories?name=MDKSA-2007:023
• cve@mitrehttp://www.securityfocus.com/bid/22129
• cve@mitrehttp://www.trustix.org/errata/2007/0005
• cve@mitrehttp://www.vupen.com/english/advisories/2006/4573
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/30374
• cve@mitrehttps://issues.rpath.com/browse/RPL-962
• af854a3a-2127-422b-91ae-364da2661108http://fedoranews.org/cms/node/2449
• af854a3a-2127-422b-91ae-364da2661108http://fedoranews.org/cms/node/2450