 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2017.0275 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2017-0275) |
| Zusammenfassung: | The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2017-0275 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2017-0275 advisory. Vulnerability Insight: Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened (CVE-2016-1248). A vulnerability has been discovered in Vim where a malformed spell file could cause an integer overflow which is used as the size for memory allocation, resulting in a subsequent buffer overflow (CVE-2017-5953). An integer overflow flaw was found in the way vim handled undo files. This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6349). An integer overflow flaw was found in the way vim handled tree length values when reading an undo file. This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6350). Affected Software/OS: 'vim' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1248 BugTraq ID: 94478 http://www.securityfocus.com/bid/94478 Debian Security Information: DSA-3722 (Google Search) http://www.debian.org/security/2016/dsa-3722 https://security.gentoo.org/glsa/201701-29 https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html RedHat Security Advisories: RHSA-2016:2972 http://rhn.redhat.com/errata/RHSA-2016-2972.html http://www.securitytracker.com/id/1037338 http://www.ubuntu.com/usn/USN-3139-1 Common Vulnerability Exposure (CVE) ID: CVE-2017-5953 BugTraq ID: 96217 http://www.securityfocus.com/bid/96217 Debian Security Information: DSA-3786 (Google Search) http://www.debian.org/security/2017/dsa-3786 https://security.gentoo.org/glsa/201706-26 https://usn.ubuntu.com/4016-1/ https://usn.ubuntu.com/4309-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-6349 BugTraq ID: 96451 http://www.securityfocus.com/bid/96451 https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c https://groups.google.com/forum/#!topic/vim_dev/LAgsTcdSfNA https://groups.google.com/forum/#!topic/vim_dev/QPZc0CY9j3Y http://www.securitytracker.com/id/1037949 Common Vulnerability Exposure (CVE) ID: CVE-2017-6350 BugTraq ID: 96448 http://www.securityfocus.com/bid/96448 https://github.com/vim/vim/commit/0c8485f0e4931463c0f7986e1ea84a7d79f10c75 https://groups.google.com/forum/#!topic/vim_dev/L_dOHOOiQ5Q |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |