Bug#500381: vim: CVE-2008-4101 Vim 3.0 through 7.x before 7.2.010 does not properly escape ...

Thomas Bläsing thomasbl at pool.math.tu-berlin.de
Sat Sep 27 16:06:03 UTC 2008


Source: vim
Version: 7.2.000-3
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for vim.

CVE-2008-4101[0]:
| Vim 3.0 through 7.x before 7.2.010 does not properly escape
| characters, which allows user-assisted attackers to (1) execute
| arbitrary shell commands by entering a K keystroke on a line that
| contains a ";" (semicolon) followed by a command, or execute arbitrary
| Ex commands by entering an argument after a (2) "Ctrl-]" (control
| close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke
| sequence, a different issue than CVE-2008-2712.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101
    http://security-tracker.debian.net/tracker/CVE-2008-4101

The patch is available at:
http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33

For a better explanation see:
http://www.rdancer.org/vulnerablevim-K.html

Kind regards,
Thomas.

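As an added illustration (not Vim's code and not part of this bug report), the following shell script models the mechanism behind issue (1): a K-style lookup builds a shell command by pasting text taken from the buffer line after the 'keywordprg' command, so a ";" in that text terminates the lookup and starts an attacker-chosen command. The hardened variant single-quotes the text the way Vim's shellescape() does on Unix. The lookup program is a stand-in ("echo" instead of "man") and the input lines are constructed; no Vim binary is involved.

```shell
#!/bin/sh
# Added example, not Vim's code: models how text from the cursor line
# reaches the shell when a K-style lookup is built by concatenation.

# Stand-in for 'keywordprg' (Vim's default is "man"); "echo" keeps the
# example offline and harmless.
KEYWORDPRG="echo looked-up:"

# Vulnerable construction: the text is spliced into the command string
# and handed to sh -c, so ";" and other metacharacters are interpreted.
lookup_unescaped() {
    sh -c "$KEYWORDPRG $1"
}

# Single-quote an argument for the shell: wrap it in '...' and turn
# every embedded ' into '\'' (the technique shellescape() uses on Unix).
shell_escape() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Hardened construction: the shell sees the text as one literal word.
lookup_escaped() {
    sh -c "$KEYWORDPRG $(shell_escape "$1")"
}

# Constructed "line under the cursor" containing a trailing command.
LINE='printf; echo INJECTED'

echo "--- unescaped (runs the injected command) ---"
lookup_unescaped "$LINE"
echo "--- escaped (injected text stays an argument) ---"
lookup_escaped "$LINE"
```

Running it shows the unescaped lookup printing "INJECTED" on its own line, because the shell executed `echo INJECTED` as a second command, while the escaped lookup prints the whole line as a single argument of the lookup program. The same pattern applies to any editor feature that forwards buffer text to a shell: quote the argument, or better, avoid the shell entirely and exec the program with an argument vector.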