Mandriva Linux Security Advisory 2008-236-1 - A number of input sanitization flaws were found in various vim system functions. These issues have been corrected with these updated packages.
2c1199851c002a7cd04b032aaaf3dd54259a8d7854bc08944eec2cc34af18b5f
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:236-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : vim
Date : December 8, 2008
Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
Problem Description:
Several vulnerabilities were found in the vim editor:
A number of input sanitization flaws were found in various vim
system functions. If a user were to open a specially crafted file,
it would be possible to execute arbitrary code as the user running vim
(CVE-2008-2712).
Ulf Härnhammar of Secunia Research found a format string flaw in
vim's help tags processor. If a user were tricked into executing the
helptags command on malicious data, it could result in the execution
of arbitrary code as the user running vim (CVE-2008-2953).
A flaw was found in how tar.vim handled TAR archive browsing. If a
user were to open a special TAR archive using the plugin, it could
result in the execution of arbitrary code as the user running vim
(CVE-2008-3074).
A flaw was found in how zip.vim handled ZIP archive browsing. If a
user were to open a special ZIP archive using the plugin, it could
result in the execution of arbitrary code as the user running vim
(CVE-2008-3075).
A number of security flaws were found in netrw.vim, the vim plugin
that provides the ability to read and write files over the network.
If a user opened a specially crafted file or directory with the netrw
plugin, it could result in the execution of arbitrary code as the
user running vim (CVE-2008-3076).
A number of input validation flaws were found in vim's keyword and
tag handling. If vim looked up a document's maliciously crafted
tag or keyword, it was possible to execute arbitary code as the user
running vim (CVE-2008-4101).
A vulnerability was found in certain versions of netrw.vim where it
would send FTP credentials stored for an FTP session to subsequent
FTP sessions to servers on different hosts, exposing FTP credentials
to remote hosts (CVE-2008-4677).
This update provides vim 7.2 (patchlevel 65) which corrects all of
these issues and introduces a number of new features and bug fixes.
Update:
The previous vim update incorrectly introduced a requirement on
libruby and also conflicted with a file from the git-core package
(in contribs). These issues have been corrected with these updated
packages.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
1ebd5f8b6c0743bab3db3113c2bb5498 2008.0/i586/vim-common-7.2.065-9.3mdv2008.0.i586.rpm
ecad30a24814aa1543f3e9f4548c0d8e 2008.0/i586/vim-enhanced-7.2.065-9.3mdv2008.0.i586.rpm
a62bc45e20c7cb05ea99471949fa057b 2008.0/i586/vim-minimal-7.2.065-9.3mdv2008.0.i586.rpm
e5431f23309139db47583d100ebec5fc 2008.0/i586/vim-X11-7.2.065-9.3mdv2008.0.i586.rpm
f2413164a86b6635ee5ff016c3527d64 2008.0/SRPMS/vim-7.2.065-9.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
3fc6eb1eda476d642947ecaab7a225f2 2008.0/x86_64/vim-common-7.2.065-9.3mdv2008.0.x86_64.rpm
0edf2753ba8a00f8d866e559f7a2192b 2008.0/x86_64/vim-enhanced-7.2.065-9.3mdv2008.0.x86_64.rpm
692d5032e705bfda05b2b2618b8369d6 2008.0/x86_64/vim-minimal-7.2.065-9.3mdv2008.0.x86_64.rpm
87bf7a4fba22dc1773b544eeb412db06 2008.0/x86_64/vim-X11-7.2.065-9.3mdv2008.0.x86_64.rpm
f2413164a86b6635ee5ff016c3527d64 2008.0/SRPMS/vim-7.2.065-9.3mdv2008.0.src.rpm
Mandriva Linux 2008.1:
c934d47ecaa0ed9d9bff2b89fea74f20 2008.1/i586/vim-common-7.2.065-9.3mdv2008.1.i586.rpm
714185e359626acb9d22a88c54608a38 2008.1/i586/vim-enhanced-7.2.065-9.3mdv2008.1.i586.rpm
59d119574eb3dc453305bed6da73a12e 2008.1/i586/vim-minimal-7.2.065-9.3mdv2008.1.i586.rpm
4543e6fba5116a1d95fddfee3ce73613 2008.1/i586/vim-X11-7.2.065-9.3mdv2008.1.i586.rpm
d007fce1a939ef4e1841cf54c68dbdd0 2008.1/SRPMS/vim-7.2.065-9.3mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
f8375b1d25260274ef2b081eec0396ea 2008.1/x86_64/vim-common-7.2.065-9.3mdv2008.1.x86_64.rpm
20577d11a3a22ff802a7e1c749099b76 2008.1/x86_64/vim-enhanced-7.2.065-9.3mdv2008.1.x86_64.rpm
1aa16e6fb134f57f4faefb319bdd6840 2008.1/x86_64/vim-minimal-7.2.065-9.3mdv2008.1.x86_64.rpm
99e25a76291297900ffce76e81e87e20 2008.1/x86_64/vim-X11-7.2.065-9.3mdv2008.1.x86_64.rpm
d007fce1a939ef4e1841cf54c68dbdd0 2008.1/SRPMS/vim-7.2.065-9.3mdv2008.1.src.rpm
Mandriva Linux 2009.0:
39b17b1ac441ba27254daeac8e593de6 2009.0/i586/vim-common-7.2.065-9.3mdv2009.0.i586.rpm
477cbeec330709630426f06c474e3c48 2009.0/i586/vim-enhanced-7.2.065-9.3mdv2009.0.i586.rpm
3ae2bf83194b6a323e78e09874a9cb3d 2009.0/i586/vim-minimal-7.2.065-9.3mdv2009.0.i586.rpm
02c54fb5e618484f6312ddf0b98cb08b 2009.0/i586/vim-X11-7.2.065-9.3mdv2009.0.i586.rpm
26bb261499484986d9f352208dac6aab 2009.0/SRPMS/vim-7.2.065-9.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
6c00a2bcd26eed82708f625b0c2f4ecc 2009.0/x86_64/vim-common-7.2.065-9.3mdv2009.0.x86_64.rpm
2a9dcd8a41b17ba2849df2e1d0da077f 2009.0/x86_64/vim-enhanced-7.2.065-9.3mdv2009.0.x86_64.rpm
effaa23409fe3358318c291db55f6e6b 2009.0/x86_64/vim-minimal-7.2.065-9.3mdv2009.0.x86_64.rpm
7ca4a070928495e0e8081bbe0b845c51 2009.0/x86_64/vim-X11-7.2.065-9.3mdv2009.0.x86_64.rpm
26bb261499484986d9f352208dac6aab 2009.0/SRPMS/vim-7.2.065-9.3mdv2009.0.src.rpm
Corporate 3.0:
474ad132ad608caf03176e33b81359f8 corporate/3.0/i586/vim-common-7.2.065-9.3.C30mdk.i586.rpm
1349e3dcc99a0e100e185f344efabe3d corporate/3.0/i586/vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm
5ee98b1525bd32dec3af623474c6ade4 corporate/3.0/i586/vim-minimal-7.2.065-9.3.C30mdk.i586.rpm
3327eedd3e14cb7b426cdf0ba07ef5ed corporate/3.0/i586/vim-X11-7.2.065-9.3.C30mdk.i586.rpm
9f059fa975e2d851e66f5e1eff88d3d0 corporate/3.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm
Corporate 3.0/X86_64:
65e2168ca42319b7ba79f7dfe0e2143f corporate/3.0/x86_64/vim-common-7.2.065-9.3.C30mdk.x86_64.rpm
85092d93a8a040c567ce59d0512d8847 corporate/3.0/x86_64/vim-enhanced-7.2.065-9.3.C30mdk.x86_64.rpm
dff08e81f6c2cede1de99ae96700178f corporate/3.0/x86_64/vim-minimal-7.2.065-9.3.C30mdk.x86_64.rpm
f299fe329b20cefb391976ffb9664b39 corporate/3.0/x86_64/vim-X11-7.2.065-9.3.C30mdk.x86_64.rpm
9f059fa975e2d851e66f5e1eff88d3d0 corporate/3.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm
Corporate 4.0:
37db43f0c3855a4c86d5237f4e5f292f corporate/4.0/i586/vim-common-7.2.065-8.3.20060mlcs4.i586.rpm
9ed45a0dd9eb354a508c893a2e177662 corporate/4.0/i586/vim-enhanced-7.2.065-8.3.20060mlcs4.i586.rpm
6117088ff587d3b96090dc5232a37a36 corporate/4.0/i586/vim-minimal-7.2.065-8.3.20060mlcs4.i586.rpm
61747391c926c371c679984941a5bfb9 corporate/4.0/i586/vim-X11-7.2.065-8.3.20060mlcs4.i586.rpm
cd60343d547090af2e9d0c3943d0aa81 corporate/4.0/SRPMS/vim-7.2.065-8.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
2956ef9554f0c8ffb523f243ad547ad0 corporate/4.0/x86_64/vim-common-7.2.065-8.3.20060mlcs4.x86_64.rpm
5a8d2fbb71645fe83b977df339dd2069 corporate/4.0/x86_64/vim-enhanced-7.2.065-8.3.20060mlcs4.x86_64.rpm
250987bbd2f083c308ea3849d9bdd524 corporate/4.0/x86_64/vim-minimal-7.2.065-8.3.20060mlcs4.x86_64.rpm
3636d25dd546e0ea06cee2d9539aea81 corporate/4.0/x86_64/vim-X11-7.2.065-8.3.20060mlcs4.x86_64.rpm
cd60343d547090af2e9d0c3943d0aa81 corporate/4.0/SRPMS/vim-7.2.065-8.3.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
520cc910d9ee606478a83ac015814d09 mnf/2.0/i586/vim-common-7.2.065-9.3.C30mdk.i586.rpm
c826084eb33961639c40377fc9b6a9b4 mnf/2.0/i586/vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm
2f724da0fe5da0022b298262f1188aa5 mnf/2.0/i586/vim-minimal-7.2.065-9.3.C30mdk.i586.rpm
1b626e0380d726aa8072089bd94eadfd mnf/2.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJPatcmqjQ0CJFipgRAp3vAJwMcdTivDsR5SM0N9sW/hnYXOb/YgCdFnRx
2uGyk940O65ZfGdUVa1xrEo=
=7tdF
-----END PGP SIGNATURE-----