Nessus Plugin #14878
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA041] DSA-041-1 joe
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-041-1 joe
- Version:
- $Revision: 1.4 $
- Cve_id:
- CVE-2001-0289
- Bugtraq_id:
- 2437
- Xrefs:
- DSA:041
- Description:
- Christer â•“berg of Wkit Security AB found a problem in joe
(Joe's Own Editor). joe will look for a configuration file in three locations:
The current directory, the users homedirectory ($HOME) and in /etc/joe. Since
the configuration file can define commands joe will run (for example to check
spelling) reading it from the current directory can be dangerous: An attacker
can leave a .joerc file in a writable directory, which would be read when a
unsuspecting user starts joe in that directory.
This has been fixed in version 2.8-15.3 and we recommend that you upgrade
your joe package immediately.
Solution : http://www.debian.org/security/2001/dsa-041
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.