Full Disclosure mailing list archives

Re: Fwd: Re: [USN-52-1] vim vulnerability

From: Ciaran McCreesh <ciaranm () gentoo org>
Date: Sun, 26 Dec 2004 15:12:53 +0000

On Sun, 26 Dec 2004 09:00:28 +0100 Sune Kloppenborg Jeppesen
<jaervosz () gentoo org> wrote:
| ----------  Forwarded Message  ----------
| 
| Subject: Re: [USN-52-1] vim vulnerability
| Date: Friday 24 December 2004 05:31
| From: Liu Die Yu <liudieyu () umbrella name>
| To: Martin Pitt <martin.pitt () canonical com>
| Cc: ubuntu-security-announce () lists ubuntu com, 
| full-disclosure () lists netsys com, bugtraq () securityfocus com
| 
| the credit really should go to Georgi Guninski who said:
<snip>

This is a different unrelated vulnerability which has been fixed for a
long time. The issues I found are not related to libcall*, rather they
rely upon exploiting wildcards to make vim source arbitrary files.

-- 
Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, Sparc, Mips)
Mail            : ciaranm at gentoo.org
Web             : http://dev.gentoo.org/~ciaranm

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

[USN-52-1] vim vulnerability Martin Pitt (Dec 24)
- Re: [USN-52-1] vim vulnerability Liu Die Yu (Dec 24)
- <Possible follow-ups>
- Re: Fwd: Re: [USN-52-1] vim vulnerability Ciaran McCreesh (Dec 26)