Local Privilege Escalation: Arbitrary Command Execution via libedit's Incorrect .editrc File Search

Local Privilege Escalation: Arbitrary Command Execution via libedit's Incorrect .editrc File Search

CVE-2000-0595 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory.

Learn more about our User Device Pen Test.