16 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-17087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group which may be different from the group ownership of the...
USN-5147-1: Vim vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Several security issues were fixed in Vim. CVEs contained in this USN include: CVE-2017-17087, CVE-2019-20807. Affected Cloud Foundry Products and Versions Severity is low unless...
[SECURITY] [DLA 2876-1] vim security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2876-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky January 10, 2022 https://wiki.debian.org/LTS -...
Ubuntu: Security Advisory (USN-5147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4582-1: Vim vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected...
EulerOS Virtualization 3.0.2.2 : vim (EulerOS-SA-2020-2193)
According to the version of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group which may be different from the...
EulerOS Virtualization 3.0.6.0 : vim (EulerOS-SA-2020-1745)
According to the version of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was found that the swap file created by vim when opening a file was using the user's primary group instead of the file's group. An...
EulerOS Virtualization for ARM 64 3.0.2.0 : vim (EulerOS-SA-2020-1546)
According to the version of the vim packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was found that the swap file created by vim when opening a file was using the user's primary group instead of the file's...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2020-1546)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : vim (EulerOS-SA-2020-1138)
According to the version of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group which may be different from the group ownershi...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2020-1138)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2019-2679)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : vim (EulerOS-SA-2019-2462)
According to the version of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group which may be different from the group ownershi...
CVE-2017-17087
It was found that the swap file created by vim when opening a file was using the user's primary group instead of the file's group. An attacker belonging to the victim's primary group could use this flaw to read the vim swap file...
CVE-2017-17087
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group which may be different from the group ownership of the original file, which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by...
CVE-2017-17087
The CVE-2017-17087 issue affects Vim, where fileio.c before 8.0.1263 creates a .swp file and assigns its group to the editor’s primary group, which may differ from the original file’s group. This can allow local users to access sensitive information, as demonstrated by mismatched ownership exampl...