Date: Wed, 11 Apr 2001 13:33:28 -0600 From: Caldera Support Information <[email protected]> Subject: Security Update: vim - embedded modline exploits CSSA-2001-014.0
Caldera Systems, Inc. Security Advisory
Subject: vim - embedded modline exploits Advisory number: CSSA-2001-014.0 Issue date: 2001 April, 11
Cross reference:
- Problem Description
There exists a possibility for an attacker to embed special
modelines into a text file which when opened with vim could
compromise the account of the user.
Also editing files in world writeable directories like /tmp
could lead to a local attacker gaining access to the editing users
account due to possible symlink attacks on editor backup and swap
files.
2. Vulnerable Versions
System Package
OpenLinux 2.3 All packages previous to
vim-5.7-12
OpenLinux eServer 2.3.1 All packages previous to
and OpenLinux eBuilder vim-5.7-12
OpenLinux eDesktop 2.4 All packages previous to
vim-5.7-12
3. Solution
Workaround
none
The proper solution is to upgrade to the latest packages.
4. OpenLinux 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera’s FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
4.2 Verification
6f57e2a30063af5973c98734bd56099e RPMS/vim-5.7-12.i386.rpm
e53bbd8b9cd8020015d08edcbe8c872a RPMS/vim-X11-5.7-12.i386.rpm
1914bb9b40d72a0bfdd1997890b7c05a RPMS/vim-help-5.7-12.i386.rpm
9edf7f1fc3f60ac1b4102083b6f6c2a2 SRPMS/vim-5.7-12.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fhv vim-*.i386.rpm
5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential
3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera’s FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
c3f3502b0347c9e823daa1108ec832f3 RPMS/vim-5.7-12.i386.rpm
2efd3e378dc7fe0a2d0095cc2e14cb9e RPMS/vim-X11-5.7-12.i386.rpm
e318e2517708a060130bacd3477cf424 RPMS/vim-help-5.7-12.i386.rpm
9edf7f1fc3f60ac1b4102083b6f6c2a2 SRPMS/vim-5.7-12.src.rpm
5.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh vim-*i386.rpm
6. OpenLinux eDesktop 2.4
6.1 Location of Fixed Packages
The upgrade packages can be found on Caldera’s FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
6.2 Verification
74813272a373c5f28d2a29380e173e40 RPMS/vim-5.7-12.i386.rpm
26b8f47c0786c7c6b6fd95bab5499689 RPMS/vim-X11-5.7-12.i386.rpm
eb52a3275bb642eccb36b443c8fb82c2 RPMS/vim-help-5.7-12.i386.rpm
9edf7f1fc3f60ac1b4102083b6f6c2a2 SRPMS/vim-5.7-12.src.rpm
6.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh vim-*i386.rpm
7. References
This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html
This security fix closes Caldera’s internal Problem Reports
9682, 9609.
8. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any
of the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera
OpenLinux.
9. Acknowledgements:
Caldera International wishes to thank the VIM team for being
very responsive and providing a timely fix to the problem.