|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-Disclosure] Re: Fwd: Re: [USN-52-1] vim vulnerability
From: Ciaran McCreesh (ciaranm
gentoo.org)
Date: Sun Dec 26 2004 - 09:12:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, 26 Dec 2004 09:00:28 +0100 Sune Kloppenborg Jeppesen
<jaervoszgentoo.org> wrote:
| ---------- Forwarded Message ----------
|
| Subject: Re: [USN-52-1] vim vulnerability
| Date: Friday 24 December 2004 05:31
| From: Liu Die Yu <liudieyuumbrella.name>
| To: Martin Pitt <martin.pittcanonical.com>
| Cc: ubuntu-security-announcelists.ubuntu.com,
| full-disclosurelists.netsys.com, bugtraqsecurityfocus.com
|
| the credit really should go to Georgi Guninski who said:
<snip>
This is a different unrelated vulnerability which has been fixed for a
long time. The issues I found are not related to libcall*, rather they
rely upon exploiting wildcards to make vim source arbitrary files.
--
Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, Sparc, Mips)
Mail : ciaranm at gentoo.org
Web : http://dev.gentoo.org/~ciaranm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFBztUA96zL6DUtXhERAgLvAKDQz8IO+833WwxJe0w7hBjL7gHfeQCgxy77
r91MB4AZSg45pc2c/SkxCtU=
=TSqD
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]