Lucene search

K

[email protected]NVD:CVE-2008-3074

HistoryFeb 21, 2009 - 10:30 p.m.

CVE-2008-3074

2009-02-2122:30:00

CWE-78

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.2%

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the “!” (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.

Affected configurations

NVD

Node

vimtar.vimMatchv.10

OR

vimtar.vimMatchv.11

OR

vimtar.vimMatchv.12

OR

vimtar.vimMatchv.13

OR

vimtar.vimMatchv.14

OR

vimtar.vimMatchv.15

OR

vimtar.vimMatchv.16

OR

vimtar.vimMatchv.17

OR

vimtar.vimMatchv.18

OR

vimtar.vimMatchv.19

OR

vimtar.vimMatchv.20

OR

vimtar.vimMatchv.21

OR

vimtar.vimMatchv.22

OR

vimvimMatch7.0

OR

vimvimMatch7.1

OR

vimvimMatch7.1.266

OR

vimvimMatch7.1.314

OR

vimvimMatch7.2

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919

lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html

marc.info/?l=bugtraq&m=121494431426308&w=2

secunia.com/advisories/34418

wiki.rpath.com/wiki/Advisories:rPSA-2008-0324

www.mandriva.com/security/advisories?name=MDVSA-2008:236

www.openwall.com/lists/oss-security/2008/07/07/1

www.openwall.com/lists/oss-security/2008/07/07/4

www.openwall.com/lists/oss-security/2008/07/08/12

www.openwall.com/lists/oss-security/2008/07/10/7

www.openwall.com/lists/oss-security/2008/07/13/1

www.openwall.com/lists/oss-security/2008/07/15/4

www.openwall.com/lists/oss-security/2008/08/01/1

www.openwall.com/lists/oss-security/2008/10/15/1

www.openwall.com/lists/oss-security/2008/10/20/2

www.rdancer.org/vulnerablevim-shellescape.html

www.rdancer.org/vulnerablevim.html

www.redhat.com/support/errata/RHSA-2008-0580.html

www.securityfocus.com/bid/32462

bugzilla.redhat.com/show_bug.cgi?id=467428

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10754

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.2%

Related for NVD:CVE-2008-3074

ubuntucve5 debiancve5 cve5 prion5 nvd4 cvelist5 openvas42 osv1 nessus21 debian4 oraclelinux2 centos3 redhat3 freebsd1 veracode3 securityvulns3 seebug1 ubuntu1 vmware2 threatpost1