CVE-2000-0271 in Emacs

Summary

by MITRE

read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.


Analysis

by VulDB Data Team • 04/21/2026

CVE-2000-0271 affects read-passwd and related Lisp functions in Emacs version 20, creating a critical security flaw in how the application handles keyboard input history. The vulnerability stems from insufficient memory management in the Lisp interpreter of the Emacs text editor, specifically in how it maintains and clears the history of recently typed keys during password input. The flaw violates secure coding principles and reflects poor input sanitization practices that expose sensitive data to unauthorized access.

The technical implementation of this vulnerability occurs when Emacs processes password input through functions like read-passwd and other Lisp functions that interact with user keyboard input. During these operations, the system maintains a history buffer containing recently typed keys, but fails to properly clear this buffer after password entry completion. This memory retention allows an attacker with access to the system to potentially extract previously typed passwords or sensitive information from the keyboard history buffer. The vulnerability specifically targets the lack of proper memory clearing mechanisms in the Lisp interpreter's handling of user input sequences, creating a persistent data leak that can be exploited through various attack vectors.

The operational impact of this vulnerability extends beyond simple password exposure to encompass broader security implications for systems running affected Emacs versions. Attackers can exploit this weakness to gain unauthorized access to sensitive information, particularly in environments where users frequently enter passwords or other confidential data into Emacs. The vulnerability is particularly dangerous in multi-user environments or systems where the Emacs process might be accessed by multiple individuals, as it allows for cross-user information leakage through the persistent keyboard history mechanism. This flaw creates a persistent security risk that can be leveraged for credential theft, privilege escalation, and other malicious activities that compromise system integrity and confidentiality.

This vulnerability aligns with CWE-200, which addresses improper exposure of sensitive information, and demonstrates characteristics consistent with CWE-772, related to missing release of resource after effective use. The attack surface for this vulnerability is enhanced by the fact that it operates at the application layer within the Emacs environment, making it accessible to attackers who can execute code or gain access to the system. From an ATT&CK perspective, this vulnerability maps to techniques involving credential access through information disclosure and privilege escalation, as it allows attackers to obtain sensitive data that would normally be protected by proper input handling. The flaw represents a critical weakness in the application's defense-in-depth strategy, as it bypasses normal security controls that should prevent unauthorized access to user input history.

Mitigation strategies for CVE-2000-0271 require immediate patching of affected Emacs installations to the latest secure versions that properly implement memory clearing mechanisms for keyboard history buffers. System administrators should implement comprehensive monitoring to detect potential exploitation attempts and ensure that all user sessions are properly terminated to prevent unauthorized access to retained keyboard history data. Additionally, organizations should conduct thorough security assessments of their Emacs environments to identify any other potential vulnerabilities in the Lisp interpreter's handling of user input. The implementation of proper input sanitization practices and memory management protocols should be enforced across all applications that handle sensitive user data, with regular security audits to ensure compliance with established security standards and prevent similar vulnerabilities from emerging in the future.
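
An added example (not code from Emacs, MITRE or VulDB) of the check and the hardening the analysis above implies, in Emacs Lisp: `my/read-secret` reads a secret while wiping the key history after every keystroke, and `my/audit-secret-reader` reports whether a given reader left the typed characters in that history. It assumes the built-in `recent-keys` and `clear-this-command-keys` are the relevant interfaces to the history of recently typed keys; all `my/` names are hypothetical.

```elisp
;; Added example; every my/ name is hypothetical and not part of Emacs.

(defun my/read-secret (prompt)
  "Read a secret key by key without echoing it, clearing key history as we go.
RET ends input; DEL or backspace removes the last character."
  (let ((chars '()) (done nil) key)
    (while (not done)
      (setq key (read-event
                 (concat prompt (make-string (length chars) ?*))))
      ;; Wipe this key from `this-command-keys' and from the ring that
      ;; `recent-keys' returns before anything else can look at it.
      (clear-this-command-keys)
      (cond ((memq key '(?\r ?\n return)) (setq done t))
            ((memq key '(?\d backspace)) (pop chars))
            ((characterp key) (push key chars))))
    (message nil)                       ; clear the echo area
    (concat (nreverse chars))))

(defun my/key-history-contains-p (secret)
  "Return t if SECRET occurs among the character events in `recent-keys'."
  (let ((case-fold-search nil)
        ;; Keep only plain character events; drop mouse and function keys.
        (typed (concat (delq nil (mapcar (lambda (k) (and (characterp k) k))
                                         (recent-keys))))))
    (and (> (length secret) 0)
         (string-match-p (regexp-quote secret) typed)
         t)))

(defun my/audit-secret-reader (reader)
  "Call READER with a prompt, then report whether key history kept the input.
READER is a function symbol such as `read-passwd' or `my/read-secret'."
  (interactive
   (list (intern (completing-read "Reader to audit: "
                                  '("read-passwd" "my/read-secret") nil t))))
  (let* ((secret (funcall reader "Throwaway test string: "))
         (leaked (my/key-history-contains-p secret)))
    ;; Do not keep the test string in memory, and drop whatever the
    ;; reader under test left behind in the key history.
    (clear-string secret)
    (clear-this-command-keys)
    (message "%s: typed keys %s in recent-keys" reader
             (if leaked "STILL PRESENT" "not found"))
    leaked))
```

Run `M-x my/audit-secret-reader` in a scratch session with a throwaway string; a "STILL PRESENT" result means the reader under test does not clear the key history on that Emacs build.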

Disclosure

04/18/2000

Moderation

accepted

Entry

VDB-15467

CPE

ready

EPSS

0.00069

KEV

no

Activities

very low
