Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Fwd: Re: [USN-52-1] vim vulnerability
From: Ciaran McCreesh <ciaranm () gentoo org>
Date: Sun, 26 Dec 2004 15:12:53 +0000

On Sun, 26 Dec 2004 09:00:28 +0100 Sune Kloppenborg Jeppesen
<jaervosz () gentoo org> wrote:
| ----------  Forwarded Message  ----------
| 
| Subject: Re: [USN-52-1] vim vulnerability
| Date: Friday 24 December 2004 05:31
| From: Liu Die Yu <liudieyu () umbrella name>
| To: Martin Pitt <martin.pitt () canonical com>
| Cc: ubuntu-security-announce () lists ubuntu com, 
| full-disclosure () lists netsys com, bugtraq () securityfocus com
| 
| the credit really should go to Georgi Guninski who said:
<snip>

This is a different unrelated vulnerability which has been fixed for a
long time. The issues I found are not related to libcall*, rather they
rely upon exploiting wildcards to make vim source arbitrary files.

-- 
Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, Sparc, Mips)
Mail            : ciaranm at gentoo.org
Web             : http://dev.gentoo.org/~ciaranm

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]