8172 matches found
CVE-2008-3294
CVE-2008-3294 affects Vim 5.0–7.1 when built with Python support. The vulnerability stems from Makefile-conf temporary file not having guaranteed ownership/permissions, allowing local users to execute arbitrary code by modifying this file during a window or by creating it beforehand with restrict...
CVE-2008-3294
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it...
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim
SUMMARY Product : Vim -- Vi IMproved Version : Tested with Vim 7.2b.10, filetype.vim 2008-07-17 Impact : Arbitrary code execution Wherefrom: Local and remote CVE : CVE-2008-2712 Original : http://www.rdancer.org/vulnerablevim-filetype.vim.updated.html...
Vim: Improper Implementation of shellescape()/Arbitrary Code Execution
Summary Product : Vim -- Vi IMproved Version : = 7.2a.013; tested with 7.2b Impact : Arbitrary code execution Wherefrom: Local, possibly remote Original : http://www.rdancer.org/vulnerablevim-shellescape.html http://www.rdancer.org/vulnerablevim-latest.tar.bz2 Improper implementation of the...
Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
Summary Product : Vim -- Vi IMproved Versions : 5.0--current, possibly older; 4.6 and 3.0 not vulnerable Impact : Arbitrary code execution Wherefrom: Local Original : http://www.rdancer.org/vulnerablevim-configure.in.html http://www.rdancer.org/vulnerablevim-configure.in.patch Insecure temporary...
Vim不安全文件建立漏洞
BUGTRAQ ID: 30279 CNCAN ID:CNCAN-2008072101 Vim是一款常用的文本编辑器。 Vim configure.in不安全建立临时文件,本地攻击者可以利用漏洞以运行应用程序权限覆盖或删除系统文件。 当构建过程中,在'/tmp'目录中会建立可猜测名字的临时文件,当VIM使用Python支持构建时运行如下代码: src/configure.in: 677 dnl -- we need to examine Python's config/Makefile too 678 dnl see what the interpreter is built from...
Netrw Vim脚本s:BrowserMaps()函数命令执行漏洞
BUGTRAQ ID: 30254 Netrw是一款VIM支持的远程读写文件的插件。 Netrw脚本的netrw.vim文件中没有正确地过滤某些语句: $ grep -n exe /.vim/autoload/netrw.vim|grep -v -e escape -e Decho -e executable | wc -l 239 当用户打开目录时,会使用execute命令加载键盘映射字符串,但没有过滤容纳当前目录名的b:netrwcurdir变量。在s:BrowserMaps函数中: 1709 if s:didstarstar || !mapcheck"s-up","n" 1710...
vim Netrw plugin code execution
Directory name shell characters vulnerability...
Arbitrary code execution in Netrw version 127, Vim 7.2b
Summary Product : Vim -- Vi IMproved, Netrw Version : Tested with Vim 7.2b, Netrw 127 Impact : Arbitrary code execution Wherefrom: Local, possibly remote Original : http://www.rdancer.org/vulnerablevim-netrw.v5.html http://www.rdancer.org/vulnerablevim-latest.tar.bz2 Lack of sanitization...
Netrw Vim Script - s:BrowserMaps() Command Execution
Netrw Vim Script - s:BrowserMaps Command Execution source: https://www.securityfocus.com/bid/30254/info Netrw is prone to a command-execution vulnerability because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting this issue can allow an attacker to execut...
Netrw Vim Script - 's:BrowserMaps()' Command Execution
source: https://www.securityfocus.com/bid/30254/info Netrw is prone to a command-execution vulnerability because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting this issue can allow an attacker to execute arbitrary commands with the privileges of the use...
Netrw Vim脚本多个命令执行漏洞
BUGTRAQ ID: 30115 CNCAN ID:CNCAN-2008070807 Netrw是一款VIM的支持远程文件读写的插件。 Netrw不正确过滤用户提交的数据,远程攻击者可以利用漏洞以应用程序权限执行任意命令。 多个地方Netrw $VIMRUNTIME/autoload/netrw.vim没有正确过滤用于SHELL参数的文件名数据。 使用特殊构建的文件名调用mz''命令可导致任意代码执行。 使用特殊构建的目录名调用mc''命令可导致任意代码执行。 构建特殊的文件名或者特殊的目录名,运行D'命令可导致任意代码执行。 Dr Chip netrw 125 目前没有解决方案提供:...
Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities
source: https://www.securityfocus.com/bid/30115/info Netrw is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues can allow an attacker to execute arbitrary commands with the privileges...
FreeBSD : vim -- Vim Shell Command Injection Vulnerabilities (30866e6c-3c6d-11dd-98c9-00163e000016)
Rdancer.org reports : Improper quoting in some parts of Vim written in the Vim Script can lead to arbitrary code execution upon opening a crafted file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...
DTSA-143-1 vim - filename escape vulnerability
Bulletin has no description...
Vim多个Shell命令注入漏洞
BUGTRAQ ID: 29715 VIM是一款免费开放源代码文本编辑器,可使用在Unix/Linux操作系统下。 VIM的filetype.vim、tar.vim、zip.vim、xpm.vim、xpm2.vim、gzip.vim和netrw.vim脚本没有正确地转义传送给execute语句的文件名中的特殊字符,如果用户受骗打开了恶意文件的话,就可能导致向受影响系统注入并执行任意SHELL命令。 VIM Development Group VIM 7.1.314 VIM Development Group VIM 6.4 VIM Development Group...
CVE-2008-2712
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using 1 filetype.vim, 3 xpm.vim, 4 gzipvim, and 5 netrw. NOTE: the...
Design/Logic Flaw
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using 1 filetype.vim, 3 xpm.vim, 4 gzipvim, and 5 netrw. NOTE: the...
CVE-2008-2712
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using 1 filetype.vim, 3 xpm.vim, 4 gzipvim, and 5 netrw. NOTE: the...
DEBIAN-CVE-2008-2712
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using 1 filetype.vim, 3 xpm.vim, 4 gzipvim, and 5 netrw. NOTE: the...