April 19, 2001

Security advisory on NEdit vulnerability

Author: JT Smith

From LinuxSecurity.com: The Nirvana Editor, NEdit, is a GUI-style text editor based on popular
Macintosh and MS Windows editors.
When printing a whole text or selected parts of a text, nedit(1) creates
a temporary file in an insecure manner. This behavior could be exploited
to gain access to other users privileges, even root.

There is no workaround possible, because tmpnam(3) ignores the TMPDIR
environment variable. Just install the new RPM to fix this problem.


  • Linux
Click Here!