On Sun, 26 Dec 2004 09:00:28 +0100 Sune Kloppenborg Jeppesen <jaervosz@xxxxxxxxxx> wrote: | ---------- Forwarded Message ---------- | | Subject: Re: [USN-52-1] vim vulnerability | Date: Friday 24 December 2004 05:31 | From: Liu Die Yu <liudieyu@xxxxxxxxxxxxx> | To: Martin Pitt <martin.pitt@xxxxxxxxxxxxx> | Cc: ubuntu-security-announce@xxxxxxxxxxxxxxxx, | full-disclosure@xxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx | | the credit really should go to Georgi Guninski who said: <snip> This is a different unrelated vulnerability which has been fixed for a long time. The issues I found are not related to libcall*, rather they rely upon exploiting wildcards to make vim source arbitrary files. -- Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, Sparc, Mips) Mail : ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm
Attachment:
pgp00082.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html