Date: Mon, 24 Nov 2008 18:59:28 +0300 (MSK)
From: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To: FreeBSD-gnats-submit@freebsd.org
Cc: freebsd-security@freebsd.org
Subject: [vuxml] editors/vim: document netrw issues
Message-ID: <20081124155929.073851AF41F@void.codelabs.ru>
>Submitter-Id: current-users
>Originator: Eygene Ryabinkin
>Organization: Code Labs
>Confidential: no
>Synopsis: [vuxml] editors/vim: document netrw issues
>Severity: serious
>Priority: medium
>Category: ports
>Class: sw-bug
>Release: FreeBSD 7.1-PRERELEASE i386
>Environment:
System: FreeBSD 7.1-PRERELEASE i386

>Description:
A bunch of vulnerabilities were discovered in Vim:
  http://www.rdancer.org/vulnerablevim-netrw.html
  http://www.rdancer.org/vulnerablevim-netrw.v2.html
  http://www.rdancer.org/vulnerablevim-netrw.v5.html
  http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html
Some of them affect Vim >=7.0 and < 7.2.

>How-To-Repeat:
Look at the above URLs and read Jan Lieskovsky's summary:
  http://www.openwall.com/lists/oss-security/2008/10/16/2

>Fix:
The following VuXML entry should be evaluated and added:

--- vuln.xml begins here ---
<vuln vid="">
  <topic>vim -- multiple vulnerabilities in the netrw module</topic>
  <affects>
    <package>
      <name>vim</name>
      <name>vim-lite</name>
      <name>vim-gtk2</name>
      <name>vim-gnome</name>
      <range><ge>7.0</ge><lt>7.2</lt></range>
    </package>
  </affects>
  <description>
    <body xmlns="http://www.w3.org/1999/xhtml">
      <p>Jan Minar reports:</p>
      <blockquote cite="http://www.rdancer.org/vulnerablevim-netrw.v2.html">
        <p>Applying the ``D'' to a file with a crafted file name, or
          inside a directory with a crafted directory name, can lead to
          arbitrary code execution.</p>
      </blockquote>
      <blockquote cite="http://www.rdancer.org/vulnerablevim-netrw.v5.html">
        <p>Lack of sanitization throughout Netrw can lead to arbitrary
          code execution upon opening a directory with a crafted
          name.</p>
      </blockquote>
      <blockquote cite="http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html">
        <p>The Vim Netrw Plugin shares the FTP user name and password
          across all FTP sessions.  Every time Vim makes a new FTP
          connection, it sends the user name and password of the
          previous FTP session to the FTP server.</p>
      </blockquote>
    </body>
  </description>
  <references>
    <url>http://www.rdancer.org/vulnerablevim-netrw.html</url>
    <url>http://www.rdancer.org/vulnerablevim-netrw.v2.html</url>
    <url>http://www.rdancer.org/vulnerablevim-netrw.v5.html</url>
    <url>http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html</url>
    <mlist>http://www.openwall.com/lists/oss-security/2008/10/16/2</mlist>
    <cvename>CVE-2008-3076</cvename>
  </references>
  <dates>
    <discovery>2008-10-16</discovery>
    <entry>today</entry>
  </dates>
</vuln>
--- vuln.xml ends here ---
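
An added example, not part of the original message or of the FreeBSD tooling: a small Python check that evaluates the proposed entry's <range> against an installed package version and lists the placeholder fields (the empty vid and the <entry> date) still to be filled in. The function names and the simplified dotted-numeric version comparison are assumptions made for this illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the affects/dates parts of the entry above, trimmed.
ENTRY = """<vuln vid="">
  <topic>vim -- multiple vulnerabilities in the netrw module</topic>
  <affects><package>
    <name>vim</name><name>vim-lite</name><name>vim-gtk2</name><name>vim-gnome</name>
    <range><ge>7.0</ge><lt>7.2</lt></range>
  </package></affects>
  <dates><discovery>2008-10-16</discovery><entry>today</entry></dates>
</vuln>"""

OPS = {"lt": lambda a, b: a < b, "le": lambda a, b: a <= b,
       "eq": lambda a, b: a == b, "ge": lambda a, b: a >= b,
       "gt": lambda a, b: a > b}

def vkey(version):
    # Assumption: plain dotted-numeric versions only; real port versions
    # (PORTREVISION, PORTEPOCH, letters) need pkg's own comparison.
    return tuple(int(p) for p in version.split("."))

def affected(entry_xml, name, version):
    """True if the package name and version match a <package> range."""
    root = ET.fromstring(entry_xml)
    for pkg in root.iter("package"):
        if name not in [n.text for n in pkg.findall("name")]:
            continue
        for rng in pkg.findall("range"):
            # Every bound inside one <range> must hold at the same time.
            if all(OPS[b.tag](vkey(version), vkey(b.text)) for b in rng):
                return True
    return False

def unfinished_fields(entry_xml):
    """Fields that still hold placeholders instead of final values."""
    root = ET.fromstring(entry_xml)
    missing = []
    if not root.get("vid"):
        missing.append("vid")
    entry = root.findtext("dates/entry", default="")
    if not re.fullmatch(r"\d{4}-\d{2}-\d{2}", entry):
        missing.append("dates/entry")
    return missing
```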