_______________________________________________________________________

                 Mandriva Linux Security Advisory                 MDVSA-2008:236
                 http://www.mandriva.com/security/
_______________________________________________________________________

Package : vim
Date    : December 3, 2008
Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0,
          Multi Network Firewall 2.0
_______________________________________________________________________

Problem Description:

Several vulnerabilities were found in the vim editor:

A number of input sanitization flaws were found in various vim system
functions. If a user were to open a specially crafted file, it would be
possible to execute arbitrary code as the user running vim
(CVE-2008-2712).

Ulf Härnhammar of Secunia Research found a format string flaw in vim's
help tags processor. If a user were tricked into executing the helptags
command on malicious data, it could result in the execution of arbitrary
code as the user running vim (CVE-2008-2953).

A flaw was found in how tar.vim handled TAR archive browsing. If a user
were to open a specially crafted TAR archive using the plugin, it could
result in the execution of arbitrary code as the user running vim
(CVE-2008-3074).

A flaw was found in how zip.vim handled ZIP archive browsing. If a user
were to open a specially crafted ZIP archive using the plugin, it could
result in the execution of arbitrary code as the user running vim
(CVE-2008-3075).

A number of security flaws were found in netrw.vim, the vim plugin that
provides the ability to read and write files over the network. If a user
opened a specially crafted file or directory with the netrw plugin, it
could result in the execution of arbitrary code as the user running vim
(CVE-2008-3076).

A number of input validation flaws were found in vim's keyword and tag
handling. If vim looked up a document's maliciously crafted tag or
keyword, it was possible to execute arbitrary code as the user running
vim (CVE-2008-4101).

A vulnerability was found in certain versions of netrw.vim where it would
send FTP credentials stored for an FTP session to subsequent FTP sessions
to servers on different hosts, exposing FTP credentials to remote hosts
(CVE-2008-4677).

This update provides vim 7.2 (patchlevel 65), which corrects all of these
issues and introduces a number of new features and bug fixes.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
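The advisory names a fix level (vim 7.2, patchlevel 65) and relies on md5 checksums to validate the updated packages; the following added example (not Mandriva's tooling) shows how a defender can check both: decide from `vim --version` output whether a build already includes that fix level, and verify downloaded RPMs against an advisory-style "<md5> <path>" manifest. All sample inputs are constructed, including the checksums.

```python
"""Defender-side checks for MDVSA-2008:236 (added example, not Mandriva's tooling)."""
import hashlib
import re

FIXED_VERSION, FIXED_PATCH = (7, 2), 65  # fix level named in the advisory


def parse_vim_version(output: str) -> tuple[tuple[int, int], set[int]]:
    """Return ((major, minor), set of included patch numbers) from `vim --version` text."""
    m = re.search(r"VIM - Vi IMproved (\d+)\.(\d+)", output)
    if not m:
        raise ValueError("no 'VIM - Vi IMproved X.Y' line found")
    version = (int(m.group(1)), int(m.group(2)))
    patches: set[int] = set()
    p = re.search(r"Included patches:\s*([\d,\- ]+)", output)
    for item in (p.group(1).split(",") if p else []):
        lo, _, hi = item.strip().partition("-")  # "1-65" is a range, "7" a single patch
        if lo:
            patches.update(range(int(lo), int(hi or lo) + 1))
    return version, patches


def is_fixed(output: str) -> bool:
    """True when the build is newer than 7.2, or is 7.2 with patch 65 actually included."""
    version, patches = parse_vim_version(output)
    return version > FIXED_VERSION or (version == FIXED_VERSION and FIXED_PATCH in patches)


MANIFEST_LINE = re.compile(r"^([0-9a-f]{32})\s+(\S+\.rpm)$")


def parse_manifest(text: str) -> dict[str, str]:
    """Map package path -> expected md5; distro headers such as 'Corporate 4.0:' are skipped."""
    return {m.group(2): m.group(1)
            for m in map(MANIFEST_LINE.match, (l.strip() for l in text.splitlines())) if m}


def check_downloads(manifest: str, downloads: dict[str, bytes]) -> dict[str, bool]:
    """For each downloaded path, True only if it is listed and its md5 matches."""
    expected = parse_manifest(manifest)
    return {path: path in expected and hashlib.md5(data).hexdigest() == expected[path]
            for path, data in downloads.items()}


# Constructed sample inputs (not real advisory data; the checksums are computed here).
UNPATCHED_OUTPUT = "VIM - Vi IMproved 7.1 (2007 May 12)\nIncluded patches: 1-314\n"
PATCHED_OUTPUT = "VIM - Vi IMproved 7.2 (2008 Aug 9)\nIncluded patches: 1-65\n"
SAMPLE_RPM = b"constructed stand-in for an rpm payload\n"
SAMPLE_MANIFEST = (
    "Mandriva Linux 2009.0:\n"
    f"{hashlib.md5(SAMPLE_RPM).hexdigest()} 2009.0/i586/vim-common-7.2.065-9.2mdv2009.0.i586.rpm\n"
    f"{'0' * 32} 2009.0/i586/vim-X11-7.2.065-9.2mdv2009.0.i586.rpm\n"
)
```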