lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <200806141309.m5ED9bLg058230@moolenaar.net>
Date: Sat, 14 Jun 2008 15:09:37 +0200
From: Bram Moolenaar <Bram@...lenaar.net>
To: "Jan Minář" <rdancer@...ncer.org>
Cc: vim_dev@...glegroups.com, full-disclosure@...ts.grok.org.uk,
	bugtraq@...urityfocus.com
Subject: Re: Collection of Vulnerabilities in Fully
	Patched Vim 7.1


Jan Minar wrote:

> 1. Summary
> 
> Product  : Vim -- Vi IMproved
> Version  : Tested with 7.1.314 and 6.4
> Impact   : Arbitrary code execution
> Wherefrom: Local and remote
> Original : http://www.rdancer.org/vulnerablevim.html
> 
> Improper quoting in some parts of Vim written in the Vim Script can lead to
> arbitrary code execution upon opening a crafted file.
 
Thanks to Jan for finding these problems and explaining them
exhaustively.  I received a note a month ago and all reported problems
have been fixed.  Either by patches or updates to the runtime files.

Note that version 7.1.314, as reported in the Summary, does not have
most of the reported problems.  The problems in the plugins have also
been fixed, this requires updating the runtime files.  Information about
that can be found at http://www.vim.org/runtime.php

Patch 7.1.299 has added the fnameescape() function, which fixes the
reported issues with escaping command arguments.  It's not as difficult
as suggested in the report.

If you find any remaining or related problems, please report to me
directly.  That's the best way to get them fixed.

-- 
How To Keep A Healthy Level Of Insanity:
15. Five days in advance, tell your friends you can't attend their
    party because you're not in the mood.

 /// Bram Moolenaar -- Bram@...lenaar.net -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\        download, build and distribute -- http://www.A-A-P.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ