CVE-2010-1161

EPSS 0.1%
Veröffentlicht 16.04.2010 19:30:00
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnu ≫ Nano Version <= 2.2.3

Gnu ≫ Nano Version0.5.0

Gnu ≫ Nano Version0.5.1

Gnu ≫ Nano Version0.5.2

Gnu ≫ Nano Version0.5.3

Gnu ≫ Nano Version0.5.4

Gnu ≫ Nano Version0.5.5

Gnu ≫ Nano Version0.6.0

Gnu ≫ Nano Version0.6.1

Gnu ≫ Nano Version0.6.2

Gnu ≫ Nano Version0.6.3

Gnu ≫ Nano Version0.6.4

Gnu ≫ Nano Version0.6.5

Gnu ≫ Nano Version0.6.6

Gnu ≫ Nano Version0.6.7

Gnu ≫ Nano Version0.6.8

Gnu ≫ Nano Version0.6.9

Gnu ≫ Nano Version0.7.0

Gnu ≫ Nano Version0.7.1

Gnu ≫ Nano Version0.7.2

Gnu ≫ Nano Version0.7.3

Gnu ≫ Nano Version0.7.4

Gnu ≫ Nano Version0.7.5

Gnu ≫ Nano Version0.7.6

Gnu ≫ Nano Version0.7.7

Gnu ≫ Nano Version0.7.8

Gnu ≫ Nano Version0.7.9

Gnu ≫ Nano Version0.8.0

Gnu ≫ Nano Version0.8.1

Gnu ≫ Nano Version0.8.2

Gnu ≫ Nano Version0.8.3

Gnu ≫ Nano Version0.8.4

Gnu ≫ Nano Version0.8.5

Gnu ≫ Nano Version0.8.6

Gnu ≫ Nano Version0.8.7

Gnu ≫ Nano Version0.8.8

Gnu ≫ Nano Version0.8.9

Gnu ≫ Nano Version0.9.0

Gnu ≫ Nano Version0.9.1

Gnu ≫ Nano Version0.9.2

Gnu ≫ Nano Version0.9.3

Gnu ≫ Nano Version0.9.4

Gnu ≫ Nano Version0.9.5

Gnu ≫ Nano Version0.9.6

Gnu ≫ Nano Version0.9.7

Gnu ≫ Nano Version0.9.8

Gnu ≫ Nano Version0.9.9

Gnu ≫ Nano Version0.9.10

Gnu ≫ Nano Version0.9.11

Gnu ≫ Nano Version0.9.12

Gnu ≫ Nano Version0.9.13

Gnu ≫ Nano Version0.9.14

Gnu ≫ Nano Version0.9.15

Gnu ≫ Nano Version0.9.16

Gnu ≫ Nano Version0.9.17

Gnu ≫ Nano Version0.9.18

Gnu ≫ Nano Version0.9.19

Gnu ≫ Nano Version0.9.20

Gnu ≫ Nano Version0.9.21

Gnu ≫ Nano Version0.9.22

Gnu ≫ Nano Version0.9.23

Gnu ≫ Nano Version0.9.24

Gnu ≫ Nano Version0.9.25

Gnu ≫ Nano Version0.9.99pre1

Gnu ≫ Nano Version0.9.99pre2

Gnu ≫ Nano Version0.9.99pre3

Gnu ≫ Nano Version1.0.0

Gnu ≫ Nano Version1.0.1

Gnu ≫ Nano Version1.0.2

Gnu ≫ Nano Version1.0.3

Gnu ≫ Nano Version1.0.4

Gnu ≫ Nano Version1.0.5

Gnu ≫ Nano Version1.0.6

Gnu ≫ Nano Version1.0.7

Gnu ≫ Nano Version1.0.8

Gnu ≫ Nano Version1.0.9

Gnu ≫ Nano Version1.1.0

Gnu ≫ Nano Version1.1.1

Gnu ≫ Nano Version1.1.2

Gnu ≫ Nano Version1.1.3

Gnu ≫ Nano Version1.1.4

Gnu ≫ Nano Version1.1.5

Gnu ≫ Nano Version1.1.6

Gnu ≫ Nano Version1.1.7

Gnu ≫ Nano Version1.1.8

Gnu ≫ Nano Version1.1.9

Gnu ≫ Nano Version1.1.10

Gnu ≫ Nano Version1.1.11

Gnu ≫ Nano Version1.1.12

Gnu ≫ Nano Version1.1.99pre1

Gnu ≫ Nano Version1.1.99pre2

Gnu ≫ Nano Version1.1.99pre3

Gnu ≫ Nano Version1.2.0

Gnu ≫ Nano Version1.2.1

Gnu ≫ Nano Version1.2.2

Gnu ≫ Nano Version1.2.3

Gnu ≫ Nano Version1.2.4

Gnu ≫ Nano Version1.2.5

Gnu ≫ Nano Version1.3.0

Gnu ≫ Nano Version1.3.1

Gnu ≫ Nano Version1.3.2

Gnu ≫ Nano Version1.3.3

Gnu ≫ Nano Version1.3.4

Gnu ≫ Nano Version1.3.5

Gnu ≫ Nano Version1.3.6

Gnu ≫ Nano Version1.3.7

Gnu ≫ Nano Version1.3.8

Gnu ≫ Nano Version1.3.9

Gnu ≫ Nano Version1.3.10

Gnu ≫ Nano Version1.3.11

Gnu ≫ Nano Version1.3.12

Gnu ≫ Nano Version1.9.99pre1

Gnu ≫ Nano Version1.9.99pre2

Gnu ≫ Nano Version1.9.99pre3

Gnu ≫ Nano Version2.0.0

Gnu ≫ Nano Version2.0.1

Gnu ≫ Nano Version2.0.2

Gnu ≫ Nano Version2.0.3

Gnu ≫ Nano Version2.0.4

Gnu ≫ Nano Version2.0.5

Gnu ≫ Nano Version2.0.6

Gnu ≫ Nano Version2.0.7

Gnu ≫ Nano Version2.0.8

Gnu ≫ Nano Version2.0.9

Gnu ≫ Nano Version2.1.0

Gnu ≫ Nano Version2.1.1

Gnu ≫ Nano Version2.1.2

Gnu ≫ Nano Version2.1.3

Gnu ≫ Nano Version2.1.4

Gnu ≫ Nano Version2.1.5

Gnu ≫ Nano Version2.1.6

Gnu ≫ Nano Version2.1.7

Gnu ≫ Nano Version2.1.8

Gnu ≫ Nano Version2.1.9

Gnu ≫ Nano Version2.1.10

Gnu ≫ Nano Version2.1.11

Gnu ≫ Nano Version2.1.99pre1

Gnu ≫ Nano Version2.1.99pre2

Gnu ≫ Nano Version2.2.0

Gnu ≫ Nano Version2.2.1

Gnu ≫ Nano Version2.2.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.289

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.7	1.9	6.4	AV:L/AC:H/Au:N/C:P/I:P/A:P

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://drosenbe.blogspot.com/2010/03/nano-as-root.html

http://lists.gnu.org/archive/html/nano-devel/2010-04/msg00000.html

http://secunia.com/advisories/39444

Vendor Advisory

http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?revision=4503&root=nano&view=markup

http://www.openwall.com/lists/oss-security/2010/04/14/4

http://www.securitytracker.com/id?1023891

https://nvd.nist.gov/vuln/detail/CVE-2010-1161

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-1161

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-1161

EUVD