Test Kennung:	1.3.6.1.4.1.25623.1.0.63425
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2009:047 (vim)
Zusammenfassung:	The remote host is missing an update to vim;announced via advisory MDVSA-2009:047.
Beschreibung:	Summary: The remote host is missing an update to vim announced via advisory MDVSA-2009:047. Vulnerability Insight: Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Vim working directory (CVE-2009-0316). This update provides fix for that vulnerability. Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0316 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 33447 http://www.securityfocus.com/bid/33447 http://www.mandriva.com/security/advisories?name=MDVSA-2009:047 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484305 http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html http://www.openwall.com/lists/oss-security/2009/01/26/2 XForce ISS Database: vim-pysyssetargv-privilege-escalation(48275) https://exchange.xforce.ibmcloud.com/vulnerabilities/48275
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.