NEdit Incremental Backup File Symbolic Link Vulnerability

NEdit is the Nirvana editor, a freely available text editor included with various implementations of the UNIX operating system. It provides a graphical front end, and features designed to emulate the functions of text editors for Microsoft Windows and Macintosh operating systems.

A problem with the software could allow local users to corrupt files owned by other users. If a user of the editor is editing a file in a world-writable directory, it is possible to create a symbolic link, named after the file being edited and prefixed with a tilde (~), that points to a file writable by the NEdit user. At each incremental backup of the file being edited, the editor overwrites the file that ~filename links to. This problem also affects files created with the .bck extension by the editor.

This problem makes it possible for a local user to corrupt and destroy files owned by other users.
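The following added example, which is not NEdit source code and not taken from this advisory, shows one way a program can write a backup file without following a symbolic link at the backup path. The names `write_backup` and `demo`, the scratch directory and the file names are assumptions made for illustration; the hard-link and ownership checks go slightly beyond the symlink case described above.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write a backup without following a symlink planted at `path`.
 * Returns 0 on success, -1 if the path is refused or the write fails. */
int write_backup(const char *path, const char *buf, size_t len)
{
    struct stat st;
    /* O_NOFOLLOW fails when the last path component is a symlink. O_TRUNC is
     * left out so nothing is destroyed before the checks below pass. */
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    /* Accept only a regular file we own that has no other hard links. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1 ||
        ftruncate(fd, 0) != 0 || write(fd, buf, len) != (ssize_t)len) {
        close(fd);
        return -1;
    }
    return close(fd);
}

/* Constructed scenario in a scratch directory. With plant_link set,
 * "~notes.txt" pre-exists as a symlink to "important". Returns 1 when the
 * link is refused (or the plain backup is written) and "important" is intact. */
int demo(int plant_link)
{
    char dir[] = "/tmp/nedit-demo-XXXXXX", target[64], backup[64], got[16];
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/important", dir);
    snprintf(backup, sizeof backup, "%s/~notes.txt", dir);
    FILE *f = fopen(target, "w");
    if (!f) return -1;
    fputs("keep", f); fclose(f);
    if (plant_link && symlink(target, backup) != 0) return -1;
    int rc = write_backup(backup, "edited text", 11);
    if (!(f = fopen(target, "r"))) return -1;
    got[fread(got, 1, sizeof got - 1, f)] = '\0'; fclose(f);
    unlink(backup); unlink(target); rmdir(dir);
    return rc == (plant_link ? -1 : 0) && strcmp(got, "keep") == 0;
}

int main(void) { printf("%d %d\n", demo(1), demo(0)); return 0; }
```

Keeping backup files in a directory that only the editing user can write to avoids the precondition entirely; the checks above matter when the backup must live beside the edited file.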


