 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.50676 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandrake Security Advisory MDKSA-2003:012 (vim) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to vim announced via advisory MDKSA-2003:012. A vulnerability was discovered in vim by Georgi Guninski that allows arbitrary command execution using the libcall feature found in modelines. A patch to fix this problem was introduced in vim 6.1 patchlevel 265. This patch has been applied to the provided update packages. Affected versions: 7.2, 8.0, 8.1, 8.2, 9.0, Multi Network Firewall 8.2, Single Network Firewall 7.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:012 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1377 http://www.guninski.com/vim1.html Risk factor : Medium CVSS Score: 4.6 |
| Querverweis: |
BugTraq ID: 6384 Common Vulnerability Exposure (CVE) ID: CVE-2002-1377 http://www.securityfocus.com/bid/6384 Bugtraq: 20040331 OpenLinux: vim arbitrary commands execution through modelines (Google Search) http://marc.info/?l=bugtraq&m=108077992208690&w=2 Conectiva Linux advisory: CLA-2004:812 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000812 http://lists.grok.org.uk/pipermail/full-disclosure/2002-December/002948.html http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:012 http://www.guninski.com/vim1.html http://www.redhat.com/support/errata/RHSA-2002-297.html http://www.redhat.com/support/errata/RHSA-2002-302.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55700 XForce ISS Database: vim-modeline-command-execution(10835) https://exchange.xforce.ibmcloud.com/vulnerabilities/10835 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |