{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2010-04-16T19:00:00Z"}, "references": [{"name": "[Nano-devel] 20100407 New prerelease for security tweaks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/nano-devel/2010-04/msg00000.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?revision=4503&root=nano&view=markup"}, {"name": "[oss-security] 20100414 CVE request: GNU nano (minor)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/04/14/4"}, {"name": "1023891", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1023891"}, {"tags": ["x_refsource_MISC"], "url": "http://drosenbe.blogspot.com/2010/03/nano-as-root.html"}, {"name": "39444", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39444"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:14:06.638Z"}, "title": "CVE Program Container", "references": [{"name": "[Nano-devel] 20100407 New prerelease for security tweaks", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/nano-devel/2010-04/msg00000.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?revision=4503&root=nano&view=markup"}, {"name": "[oss-security] 20100414 CVE request: GNU nano (minor)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/04/14/4"}, {"name": "1023891", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1023891"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://drosenbe.blogspot.com/2010/03/nano-as-root.html"}, {"name": "39444", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39444"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-1160", "state": "PUBLISHED", "dateReserved": "2010-03-29T00:00:00Z", "datePublished": "2010-04-16T19:00:00Z", "dateUpdated": "2024-08-07T01:14:06.638Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:nano:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5B10FE0-0AEE-4091-A1F0-354B50412CA0", "versionEndIncluding": "2.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE7EE9-DEA7-480D-B527-44B7FA187547", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "492C7264-F191-416F-9B76-701098E9ECDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "F52B0085-8C5F-4FC9-88E5-4CDB78F3312D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F9C0194-E91C-431F-8AC0-FE5B2829006C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "FBC7B369-E15F-4417-9A09-AA7EA79B8468", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A44F356-0816-4498-A2E8-333ED0AF99A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EB7E773E-1391-415E-BF1B-8ABCCC0B314F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "26E50766-DAD4-4FD0-9D1E-5762B96C127B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "12D29C17-F2DE-4224-AA09-E8B268005260", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "788E8155-7736-4137-8973-83BA61CFDAD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "668C9084-1602-4FD5-9068-15430E271EFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "983A0E75-1467-4A22-9A5E-F87FA96D0FB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "64318400-2254-4987-887C-36DF63412682", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "EF9CD1A8-8CA9-48DD-B089-73E0086D289C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "7313309E-C1A5-4D80-9304-2995363F647F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "97F78507-AE0B-44D3-84EC-2327F6B10458", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "193D97E1-659F-4CEA-BABB-EB1C889F1F07", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D37A3A00-B138-407E-9FC2-00F3716DAF3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "479B967C-6433-4A69-9417-F90D901DC2AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98D22140-7F4A-49E9-800F-A3EC9E3A1A85", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "134537FB-CCE2-4A00-B65D-A7187EBC13DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "348208D7-1134-4624-B34F-CFCCEBE3A094", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "7CD993CD-DE0E-4011-B503-EC0872C3948B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "E4A9B0B2-6384-4A2B-9D81-21F7EDA7EFE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "17467C9C-6924-4D01-8824-0028C1B8B02F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "25D99DC7-E490-41A5-B33C-C1D4682021B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "3E48EBD5-7CCC-49DB-A186-8C4D87167B8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "9DE8BF11-1CC7-4D57-A270-69FF0DE7A0E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "4BD0609D-F396-484A-998E-9008F29FBB18", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "E815C49A-A371-4733-B4E1-332401886538", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "48764ED5-79AC-4AC6-8E24-BB2D3724061E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "AB96C5A3-3BA2-46D6-870B-320771430E58", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "ADD99C18-D837-4536-A2DB-4E55CDC1D1D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "350D032C-14E5-4893-B24B-BBDE3EC148DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "16600857-8C83-4B51-8909-89F6DE67C955", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.8.9:*:*:*:*:*:*:*", "matchCriteriaId": "49CB8772-C9AD-4A2C-B5DE-7D841834409B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "13AC34F4-3702-4EDB-8EC4-C6F002AD9DA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "6CAC2D40-DAD7-42F7-8CA0-DFB677F01729", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "93FAB5B1-284A-4BF9-9AD5-8447B077B1E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "304DF414-31EB-4FCA-AEE6-0F32BAB332A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "E7835C67-5FA5-4F62-BD96-F9A1CA0BC32E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "61FD3A61-39A0-446B-8B50-E94F1B036606", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "BC942DE0-1906-4AA8-85A2-6D2594BF06F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "39AA92B1-CBEE-4E8F-AC19-3C42966CF67F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "A01EA657-A4C5-448D-A0BA-ECA413EE472B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "3283EA9C-8E06-4077-9304-9B3B830B59DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "47A3BC1B-6D8D-43CE-909A-C9932FD672D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "CFC8E41F-8AEF-4EA2-B3A2-F3CABE7AE5C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "8381447C-A92D-4D9D-A208-0C3073F3BDEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "7B6D54D1-4E24-45CF-B303-A1CBFF339842", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "5D38FA58-E510-4CC0-80FE-CF19B8336A69", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.15:*:*:*:*:*:*:*", "matchCriteriaId": "722D1833-F3F6-437D-BD70-ECAB4CAD85A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.16:*:*:*:*:*:*:*", "matchCriteriaId": "CBE6062C-9ABC-4544-8BDE-FE242016E0A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.17:*:*:*:*:*:*:*", "matchCriteriaId": "583A51DE-51AB-4777-A8DD-7922DFEFDE7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.18:*:*:*:*:*:*:*", "matchCriteriaId": "3A47CB61-5CF0-41A7-B955-8F95CE6A2339", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.19:*:*:*:*:*:*:*", "matchCriteriaId": "2688B9DB-1DF5-4140-90BC-524E832AB51D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.20:*:*:*:*:*:*:*", "matchCriteriaId": "85603BB9-12A7-4717-9C08-19EF5B52D799", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.21:*:*:*:*:*:*:*", "matchCriteriaId": "B556F230-91E8-45F1-B69C-94618E6903F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.22:*:*:*:*:*:*:*", "matchCriteriaId": "C6061D91-3966-4A28-8D33-1781A63F00CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.23:*:*:*:*:*:*:*", "matchCriteriaId": "BDC403BF-07AB-426C-B2EA-300E6D18F514", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.24:*:*:*:*:*:*:*", "matchCriteriaId": "0989010E-5350-4DEA-9689-A5D39216103E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.25:*:*:*:*:*:*:*", "matchCriteriaId": "526EDB00-B327-4003-B964-2BAA2E634BEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.99pre1:*:*:*:*:*:*:*", "matchCriteriaId": "B3C548D9-D598-4C77-A49C-AFD45EA1F27D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.99pre2:*:*:*:*:*:*:*", "matchCriteriaId": "9E6BEB7B-C698-4EF0-90E5-5E7D1940C111", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:0.9.99pre3:*:*:*:*:*:*:*", "matchCriteriaId": "10877ACD-C34D-48EB-AEFE-ABF050D24F88", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B5D1A7A-E299-4751-A64A-431F7E94E717", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB4AA124-B4B9-440F-B202-E0CEC9102394", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "2BF45BF3-F4BB-4707-81D8-9510AC6B7F0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "68AA6BD3-0B9F-44BA-B475-06E3AB6405A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "CD2CE86A-7B58-4665-B1B9-3AB9D97AFE9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "AC560F59-FC48-469F-92CD-2010D2D857EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "85F24774-D4B7-403F-881F-6F09C1E451F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "629595F9-D96C-40F3-A7C6-EAB4BB82251A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "9067C91B-7894-4DD2-8957-3E91E8FBFA90", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "95BD2E52-EF88-4DDE-B7FB-92C2AB5497C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "43097361-EC72-4FB3-BA24-1ACEF252236D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "462D01E1-6246-4075-B9A5-700E9BF682B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "2BD81272-04D6-4754-8479-3970B8D08BE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3481E4F3-9452-4BF6-B5F2-7B9F516B8F06", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "17FC653A-CF75-4A6E-A804-5B486F93D093", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B98274A8-75D6-4465-8E87-E7CF2D1A161E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "AE1923B3-7DC8-4314-9C83-D5DE99661A51", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "E6596F13-B9A9-42AF-AB8A-A195D39871BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "F00EF754-9E5F-4E38-841D-309189EAAA40", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "479E5340-369A-4048-9995-5F2E41D22B1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "2445E049-EEE9-41F5-A083-424A5AA74BA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "2976C189-F64C-475E-A3E7-F32C5CC0938F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "5D92E4A0-4F7F-4EE1-B651-313723CD3982", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.99pre1:*:*:*:*:*:*:*", "matchCriteriaId": "05347F20-8AE9-4D19-9040-03D5BB0D5BB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.99pre2:*:*:*:*:*:*:*", "matchCriteriaId": "F00D4983-7FE4-420A-AC44-5AF038592D89", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.1.99pre3:*:*:*:*:*:*:*", "matchCriteriaId": "4E437D35-E51C-4DA5-93FE-A8D505A2966F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "85DE004D-7B05-4E60-B782-22DB4FB0BF96", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "11DEBBA8-97BB-42DA-8225-0CA09A0A3B0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "0E8F7492-A521-4CAD-8A42-5D0B6B9D0B75", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "095D9677-171F-4BD8-8180-EC98FB1A1019", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "1E66B8F2-2171-47A7-A9BB-69253D9A7462", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "627526B0-350B-48B8-87A8-A230E62746F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "56F5E5B7-3E09-4FB5-897E-3C82131B7A47", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DA276385-C2EC-4B63-879C-BC7407F3DF62", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C3949B7-7C07-48A1-8872-5639FBDAEF17", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "485AB880-DDF6-4C51-B0F9-BB51FD051CEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "4554F663-12FE-4874-810B-464E4CB6E467", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "F171A6CB-721D-4A1A-958B-63736898F35E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "EEF1CF52-5D00-4E5F-93BC-1842F023F510", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "D805AC2C-573E-4B28-8BFA-A1284AEF6DFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "900FB233-CE85-4C92-92D2-25EDAA299429", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "7843E1A8-983A-4079-9419-E5CC4E87046A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "76683D07-F4FB-4DB8-9CE8-917DE31FF609", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "304D121C-B38B-44D3-B7D9-933229C5788D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "319ABF9F-2EBC-4CE3-A4FC-AD843F7B4371", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.9.99pre1:*:*:*:*:*:*:*", "matchCriteriaId": "201735FB-50E8-4FE6-8F64-E656FEDA730D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.9.99pre2:*:*:*:*:*:*:*", "matchCriteriaId": "D48F6D9A-2F33-478C-9543-BBC219720029", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:1.9.99pre3:*:*:*:*:*:*:*", "matchCriteriaId": "CDA16F38-F9F7-48F4-ACD6-584F6FE3705C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "75C34ED0-8646-4EC7-A454-F3E67E3C3ADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "08A0A8C3-862B-48D0-B24F-E6B9E50F1D59", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "93A05F89-B948-423D-B9DA-6E7BE5C8C08F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "788B4B4F-5F06-4513-A191-12CE40AA6D0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5B874744-E9A4-4200-A283-04979B84189C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FDCBC96F-0FFC-45D2-AA85-EED1E441BB52", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "4470D295-F0CF-4026-B09F-DDF2D0E1D597", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "19995087-2549-4E85-B4C9-66F3198822BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "32A6EEB9-94C6-4B07-9B53-DAB5E5E6BFDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "9E3AB36D-DC87-4782-972C-13F0654C6562", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C387792-F9A2-45CA-B214-6E8FC7D3D1D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "50E745D0-4ABF-47EC-9F8A-FADC2F51FD7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "94DE1B89-E4C3-4D45-886B-BB17FBCF7339", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "33D789DA-9448-4F9E-B26B-5F4A3DFBFABE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "1F811A05-7039-4561-AD58-F4D8048AF8E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "7E20AAE7-7B5E-4A62-AA5F-B5B685312E53", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "07381378-306D-4F57-A513-C6EC7EE57318", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "AAC1BEE2-7649-475F-9087-4DAC64C04135", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "D1B040E6-90DD-4CE4-8BEE-E81A89EF63D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "0EF54BA4-D4B1-4EDB-AE26-0E51E68BAA52", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "2839F928-E9C7-4A3E-BAFA-3E415C481961", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "4FCDFAEF-6B6C-4029-B127-3A5EF4C12536", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.99pre1:*:*:*:*:*:*:*", "matchCriteriaId": "6D5A7E31-CA6E-4AE6-A4E7-3F3CC3B6F0B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.1.99pre2:*:*:*:*:*:*:*", "matchCriteriaId": "9776DC31-7720-4B2A-9134-1C3F2BD5B52A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3858BA68-831D-4C6B-8905-148A6113CE74", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2DD9DDCE-1AEA-4EBB-B00D-49A869B919FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:nano:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF03EC98-FEB7-4C04-A830-84F7CECCA91B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim."}, {"lang": "es", "value": "GNU nano anterior v2.2.4 no verificansi un fichero hasido cambiado antes de ser sobreescrito en una operaci\u00f3n de salvado, lo que permite a atacantes locales asistidos por usuario escribir en archivos de su elecci\u00f3n a trav\u00e9s de un ataque de enlace simb\u00f3lico en un fichero propiedad del atacante que es editando por la v\u00edctima."}], "id": "CVE-2010-1160", "lastModified": "2024-11-21T01:13:46.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-04-16T19:30:00.460", "references": [{"source": "secalert@redhat.com", "url": "http://drosenbe.blogspot.com/2010/03/nano-as-root.html"}, {"source": "secalert@redhat.com", "url": "http://lists.gnu.org/archive/html/nano-devel/2010-04/msg00000.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39444"}, {"source": "secalert@redhat.com", "url": "http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?revision=4503&root=nano&view=markup"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2010/04/14/4"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1023891"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://drosenbe.blogspot.com/2010/03/nano-as-root.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.gnu.org/archive/html/nano-devel/2010-04/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39444"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?revision=4503&root=nano&view=markup"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2010/04/14/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1023891"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2010-1160\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.", "lastModified": "2010-04-16T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "nano: multiple file editing insecurities", "id": "582434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=582434"}, "csaw": false, "cvss": {"cvss_base_score": "3.6", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "status": "draft"}, "details": ["GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim."], "name": "CVE-2010-1160", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:3", "fix_state": "Will not fix", "package_name": "nano", "product_name": "Red Hat Enterprise Linux 3"}, {"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Will not fix", "package_name": "nano", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "nano", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "nano", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2010-04-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-1160\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-1160"], "statement": "This issue was corrected in Red Hat Enterprise Linux 6 prior to its initial release.\nRed Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates for this or earlier releases. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}