[Full-Disclosure] Re: Fwd: Re: [USN-52-1] vim vulnerability
From: Ciaran McCreesh (ciaranm_at_gentoo.org)
Date: 12/26/04
- Previous message: Stephen Jimson: "[Full-Disclosure] Santy.b worm using AOL and YAHOO"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 26 Dec 2004 15:12:53 +0000 To: Liu Die Yu <liudieyu@umbrella.name>
On Sun, 26 Dec 2004 09:00:28 +0100 Sune Kloppenborg Jeppesen
<jaervosz@gentoo.org> wrote:
| ---------- Forwarded Message ----------
|
| Subject: Re: [USN-52-1] vim vulnerability
| Date: Friday 24 December 2004 05:31
| From: Liu Die Yu <liudieyu@umbrella.name>
| To: Martin Pitt <martin.pitt@canonical.com>
| Cc: ubuntu-security-announce@lists.ubuntu.com,
| full-disclosure@lists.netsys.com, bugtraq@securityfocus.com
|
| the credit really should go to Georgi Guninski who said:
<snip>
This is a different unrelated vulnerability which has been fixed for a
long time. The issues I found are not related to libcall*, rather they
rely upon exploiting wildcards to make vim source arbitrary files.
-- Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, Sparc, Mips) Mail : ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
- Previous message: Stephen Jimson: "[Full-Disclosure] Santy.b worm using AOL and YAHOO"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
