diff options
author | Joey Hess <joeyh@debian.org> | 2005-09-07 16:56:57 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2005-09-07 16:56:57 +0000 |
commit | 72b2ae9675950803edddb5a34e86d033aedf7c58 (patch) | |
tree | 5a3cbb66f2328106ce917eb1e74d593b0993a318 /data/DTSA/advs | |
parent | fa8d0dc1dbe5f731f77444b17f7eb95a7c277415 (diff) |
new vim advisory
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1841 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA/advs')
-rw-r--r-- | data/DTSA/advs/0-hotzenplotz.adv | 2 | ||||
-rw-r--r-- | data/DTSA/advs/12-vim.adv | 14 |
2 files changed, 15 insertions, 1 deletions
diff --git a/data/DTSA/advs/0-hotzenplotz.adv b/data/DTSA/advs/0-hotzenplotz.adv index a821992d91..bd0b862d41 100644 --- a/data/DTSA/advs/0-hotzenplotz.adv +++ b/data/DTSA/advs/0-hotzenplotz.adv @@ -1,6 +1,6 @@ dtsa: DTSA-0-1 source: hotzenplotz -date: 2005-11-12 +date: September 7th, 2005 author: Wachtmeister Dimpfelmoser vuln-type: buffer overflows problem-scope: remote diff --git a/data/DTSA/advs/12-vim.adv b/data/DTSA/advs/12-vim.adv new file mode 100644 index 0000000000..242da6ec38 --- /dev/null +++ b/data/DTSA/advs/12-vim.adv @@ -0,0 +1,14 @@ +dtsa: DTSA-11-1 +source: vim +date: September 7th, 2005 +author: Joey Hess +vuln-type: modeline exploits +problem-scope: local +debian-specifc: no +cve: CAN-2005-2368 +testing-fix: 1:6.3-085+0.0etch1 +sid-fix: 1:6.3-085+1 + +vim modelines allow files to execute arbitrary commands via shell +metacharacters in the glob or expand commands of a foldexpr expression +for calculating fold levels. |