SecurityHome.eu Security vulnerability: PLSA-2008-30.txt

Home / vulnerabilities PDF

PLSA-2008-30.txt
Posted on 25 August 2008
Source : packetstormsecurity.org Link

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-30 security@pardus.org.tr
------------------------------------------------------------------------
Date: 2008-08-25
Severity: 3
Type: Local
------------------------------------------------------------------------

Summary
=======

Insufficient sanitization can lead to Vim executing arbitrary commands
when performing keyword or tag lookup.

Description
===========

(This vulnerability discovered by Ben Schmidt)

Affected packages:

Pardus 2008:
vim, all before 7.2.002-44-11

Resolution
==========

There are update(s) for vim. You can update them via Package Manager or
with a single command from console:

pisi up vim

References
==========

* http://www.rdancer.org/vulnerablevim-K.html
* http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e

------------------------------------------------------------------------

--
PÄ±nar YanardaÄŸ
Pardus Security Team
http://security.pardus.org.tr

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

TOP

Malware :

Last 20

Exploits :

Last 20