|
Test Kennung: | 1.3.6.1.4.1.25623.1.0.52250 |
Kategorie: | FreeBSD Local Security Checks |
Titel: | FreeBSD Ports: vim, vim-lite, vim+ruby |
Zusammenfassung: | FreeBSD Ports: vim, vim-lite, vim+ruby |
Beschreibung: | Description: The remote host is missing an update to the system as announced in the referenced advisory. The following packages are affected: vim vim-lite vim+ruby CVE-2004-1138 VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu. Solution: Update your system with the appropriate patches or software upgrades. ftp://ftp.vim.org/pub/vim/patches/6.3/6.3.045 http://groups.yahoo.com/group/vimdev/message/38084 http://www.vuxml.org/freebsd/bd9fc2bf-5ffe-11d9-a11a-000a95bc6fae.html CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-1138 http://marc.info/?l=bugtraq&m=110313588125609&w=2 https://bugzilla.fedora.us/show_bug.cgi?id=2343 http://www.gentoo.org/security/en/glsa/glsa-200412-10.xml http://www.redhat.com/support/errata/RHSA-2005-010.html http://www.redhat.com/support/errata/RHSA-2005-036.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9571 XForce ISS Database: vim-modeline-gain-privileges(18503) https://exchange.xforce.ibmcloud.com/vulnerabilities/18503 |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 58962 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |
|