Home / vulnerabilitiesPDF  

PLSA-2008-30.txt

Posted on 25 August 2008
Source : packetstormsecurity.org Link

 

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-30 security@pardus.org.tr
------------------------------------------------------------------------
Date: 2008-08-25
Severity: 3
Type: Local
------------------------------------------------------------------------

Summary
=======

Insufficient sanitization can lead to Vim executing arbitrary commands
when performing keyword or tag lookup.


Description
===========

(This vulnerability discovered by Ben Schmidt)


Affected packages:

Pardus 2008:
vim, all before 7.2.002-44-11


Resolution
==========

There are update(s) for vim. You can update them via Package Manager or
with a single command from console:

pisi up vim

References
==========

* http://www.rdancer.org/vulnerablevim-K.html
* http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e

------------------------------------------------------------------------

--
Pınar Yanardağ
Pardus Security Team
http://security.pardus.org.tr


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 

TOP