Vulnerability Description
libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 3.0 |
References
- http://archives.neohapsis.com/archives/freebsd/2000-07/0035.htmlExploitPatchVendor Advisory
- http://www.osvdb.org/1446
- http://www.securityfocus.com/bid/1437ExploitPatchVendor Advisory
- http://archives.neohapsis.com/archives/freebsd/2000-07/0035.htmlExploitPatchVendor Advisory
- http://www.osvdb.org/1446
- http://www.securityfocus.com/bid/1437ExploitPatchVendor Advisory
FAQ
What is CVE-2000-0595?
CVE-2000-0595 is a vulnerability with a CVSS score of 4.6 (MEDIUM). libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in anoth...
How severe is CVE-2000-0595?
CVE-2000-0595 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0595?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd.