Full Disclosure mailing list archives
Re: Fwd: Re: [USN-52-1] vim vulnerability
From: Ciaran McCreesh <ciaranm () gentoo org>
Date: Sun, 26 Dec 2004 15:12:53 +0000
On Sun, 26 Dec 2004 09:00:28 +0100 Sune Kloppenborg Jeppesen <jaervosz () gentoo org> wrote: | ---------- Forwarded Message ---------- | | Subject: Re: [USN-52-1] vim vulnerability | Date: Friday 24 December 2004 05:31 | From: Liu Die Yu <liudieyu () umbrella name> | To: Martin Pitt <martin.pitt () canonical com> | Cc: ubuntu-security-announce () lists ubuntu com, | full-disclosure () lists netsys com, bugtraq () securityfocus com | | the credit really should go to Georgi Guninski who said: <snip> This is a different unrelated vulnerability which has been fixed for a long time. The issues I found are not related to libcall*, rather they rely upon exploiting wildcards to make vim source arbitrary files. -- Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, Sparc, Mips) Mail : ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [USN-52-1] vim vulnerability Martin Pitt (Dec 24)
- Re: [USN-52-1] vim vulnerability Liu Die Yu (Dec 24)
- <Possible follow-ups>
- Re: Fwd: Re: [USN-52-1] vim vulnerability Ciaran McCreesh (Dec 26)