 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.10.2017.0275 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2017-0275) |
| Resumen: | The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2017-0275 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2017-0275 advisory. Vulnerability Insight: Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened (CVE-2016-1248). A vulnerability has been discovered in Vim where a malformed spell file could cause an integer overflow which is used as the size for memory allocation, resulting in a subsequent buffer overflow (CVE-2017-5953). An integer overflow flaw was found in the way vim handled undo files. This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6349). An integer overflow flaw was found in the way vim handled tree length values when reading an undo file. This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6350). Affected Software/OS: 'vim' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1248 BugTraq ID: 94478 http://www.securityfocus.com/bid/94478 Debian Security Information: DSA-3722 (Google Search) http://www.debian.org/security/2016/dsa-3722 https://security.gentoo.org/glsa/201701-29 https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html RedHat Security Advisories: RHSA-2016:2972 http://rhn.redhat.com/errata/RHSA-2016-2972.html http://www.securitytracker.com/id/1037338 http://www.ubuntu.com/usn/USN-3139-1 Common Vulnerability Exposure (CVE) ID: CVE-2017-5953 BugTraq ID: 96217 http://www.securityfocus.com/bid/96217 Debian Security Information: DSA-3786 (Google Search) http://www.debian.org/security/2017/dsa-3786 https://security.gentoo.org/glsa/201706-26 https://usn.ubuntu.com/4016-1/ https://usn.ubuntu.com/4309-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-6349 BugTraq ID: 96451 http://www.securityfocus.com/bid/96451 https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c https://groups.google.com/forum/#!topic/vim_dev/LAgsTcdSfNA https://groups.google.com/forum/#!topic/vim_dev/QPZc0CY9j3Y http://www.securitytracker.com/id/1037949 Common Vulnerability Exposure (CVE) ID: CVE-2017-6350 BugTraq ID: 96448 http://www.securityfocus.com/bid/96448 https://github.com/vim/vim/commit/0c8485f0e4931463c0f7986e1ea84a7d79f10c75 https://groups.google.com/forum/#!topic/vim_dev/L_dOHOOiQ5Q |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |