FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

vim -- multiple vulnerabilities in the netrw module

Affected packages
7.0 <= vim < 7.2
7.0 <= vim-gnome < 7.2
7.0 <= vim-gtk2 < 7.2
7.0 <= vim-lite < 7.2

Details

VuXML ID: 0e1e3789-d87f-11dd-8ecd-00163e000016
Discovery: 2008-10-16
Entry: 2009-01-02

Jan Minar reports:

Applying the ``D'' to a file with a crafted file name, or inside a directory with a crafted directory name, can lead to arbitrary code execution.

Lack of sanitization throughout Netrw can lead to arbitrary code execution upon opening a directory with a crafted name.

The Vim Netrw Plugin shares the FTP user name and password across all FTP sessions. Every time Vim makes a new FTP connection, it sends the user name and password of the previous FTP session to the FTP server.

References

CVE Name: CVE-2008-3076
Message: http://www.openwall.com/lists/oss-security/2008/10/16/2
URL: http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html
URL: http://www.rdancer.org/vulnerablevim-netrw.html
URL: http://www.rdancer.org/vulnerablevim-netrw.v2.html
URL: http://www.rdancer.org/vulnerablevim-netrw.v5.html