Test ID:	1.3.6.1.4.1.25623.1.0.51181
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2005:010
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2005:010. VIM (Vi IMproved) is an updated and improved version of the vi screen-based editor. Ciaran McCreesh discovered a modeline vulnerability in VIM. It is possible that a malicious user could create a file containing a specially crafted modeline which could cause arbitrary command execution when viewed by a victim. Please note that this issue only affects users who have modelines and filetype plugins enabled, which is not the default. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-1138 to this issue. All users of VIM are advised to upgrade to these erratum packages, which contain a backported patch for this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-010.html Risk factor : High CVSS Score: 7.2
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1138 https://bugzilla.fedora.us/show_bug.cgi?id=2343 http://www.gentoo.org/security/en/glsa/glsa-200412-10.xml http://marc.info/?l=bugtraq&m=110313588125609&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9571 http://www.redhat.com/support/errata/RHSA-2005-010.html http://www.redhat.com/support/errata/RHSA-2005-036.html XForce ISS Database: vim-modeline-gain-privileges(18503) https://exchange.xforce.ibmcloud.com/vulnerabilities/18503
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.