Message-ID: <20070523005253.GE31780@outflux.net>
Date: Tue, 22 May 2007 17:52:53 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [USN-463-1] vim vulnerability
===========================================================
Ubuntu Security Notice USN-463-1               May 22, 2007
vim vulnerability
CVE-2007-2438
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
  vim                      1:7.0-035+1ubuntu5.1

Ubuntu 7.04:
  vim                      1:7.0-164+1ubuntu7.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Tomas Golembiovsky discovered that some vim commands were accidentally
allowed in modelines. By tricking a user into opening a specially
crafted file in vim, an attacker could execute arbitrary code with user
privileges.