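Vim Shell Escape Command Execution Vulnerability

Release date: 2008-08-19
Updated: 2008-08-26

Affected systems:
VIM Development Group VIM 3.00 - 7.2
Description:
BUGTRAQ  ID: 30795
CVE(CAN) ID: CVE-2008-4101

VIM is a free, open-source text editor that runs on Unix/Linux operating systems.

When executing commands such as K, <C-]> and g], Vim does not adequately sanitize certain input, allowing a remote attacker to execute arbitrary Vim script or shell commands.

The following is the vulnerable code from src/normal.c: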

    5514        if (cmdchar == '*')
    5515            aux_ptr = (char_u *)(p_magic ? "/.*~[^$\\" : "/^$\\");
    5516        else if (cmdchar == '#')
    5517            aux_ptr = (char_u *)(p_magic ? "/?.*~[^$\\" : "/?^$\\");
    5518        else if (cmdchar == 'K' && !kp_help)
--> 5519            aux_ptr = (char_u *)" \t\\\"|!";
    5520        else
    5521            /* Don't escape spaces and Tabs in a tag with a backslash */
--> 5522            aux_ptr = (char_u *)"\\|\"";
    5523
    5524        p = buf + STRLEN(buf);
    5525        while (n-- > 0)
    5526        {
    5527            /* put a backslash before \ and some others */
    5528            if (vim_strchr(aux_ptr, *ptr) != NULL)
    5529                *p++ = '\\';
    5530    #ifdef FEAT_MBYTE
    5531            /* When current byte is a part of multibyte character, copy all bytes
    5532             * of that character. */
    5533            if (has_mbyte)
    5534            {
    5535                int i;
    5536                int len = (*mb_ptr2len)(ptr) - 1;
    5537
    5538                for (i = 0; i < len && n >= 1; ++i, --n)
    5539                    *p++ = *ptr++;
    5540            }
    5541    #endif
    5542            *p++ = *ptr++;
    5543        }
    5544        *p = NUL;
    5545
    5546        /*
    5547         * Execute the command.
    5548         */
    5549        if (cmdchar == '*' || cmdchar == '#')
    5550        {
    5551            if (!g_cmd && (
    5552    #ifdef FEAT_MBYTE
    5553                has_mbyte ? vim_iswordp(mb_prevptr(ml_get_curline(), ptr)) :
    5554    #endif
    5555                vim_iswordc(ptr[-1])))
    5556                STRCAT(buf, "\\>");
    5557    #ifdef FEAT_CMDHIST
    5558            /* put pattern in search history */
    5559            add_to_history(HIST_SEARCH, buf, TRUE, NUL);
    5560    #endif
    5561            normal_search(cap, cmdchar == '*' ? '/' : '?', buf, 0);
    5562        }
    5563        else
--> 5564            do_cmdline_cmd(buf);

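The aux_ptr variable holds the characters that need to be escaped: line 5519 sets them for the argument of the K command, and line 5522 for the argument of the Control-] and g] commands. Once assembled, the command is executed as an Ex command at line 5564. Because no shell escaping is applied to these commands, a user who is tricked into opening a malicious file may end up executing arbitrary commands.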
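The gap described above, as an added C example (not Vim's code and not the upstream patch): `backslash_escape` mirrors the listing's loop with the line-5519 escape set, `shell_single_quote` is generic POSIX sh quoting shown for comparison, and `live_metachars` is a hypothetical checker that counts the shell control characters each result leaves active. The sample word is the one from the page's test section.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static const char K_ESCAPE_SET[] = " \t\\\"|!"; /* set from line 5519 */

/* Mirrors lines 5525-5543 minus the multibyte branch. Caller frees. */
char *backslash_escape(const char *word, const char *set)
{
    char *out = malloc(2 * strlen(word) + 1), *p = out;
    if (out == NULL) return NULL;
    for (; *word != '\0'; ++word) {
        if (strchr(set, *word) != NULL)
            *p++ = '\\';
        *p++ = *word;
    }
    *p = '\0';
    return out;
}

/* POSIX sh quoting: wrap in '...' and rewrite each ' as '\''. Caller frees. */
char *shell_single_quote(const char *word)
{
    char *out = malloc(4 * strlen(word) + 3), *p = out;
    if (out == NULL) return NULL;
    *p++ = '\'';
    for (; *word != '\0'; ++word) {
        if (*word == '\'') {
            memcpy(p, "'\\''", 4);
            p += 4;
        } else
            *p++ = *word;
    }
    *p++ = '\'';
    *p = '\0';
    return out;
}

/* Count control characters sh would still act on (not escaped, not quoted). */
int live_metachars(const char *s)
{
    int in_quote = 0, count = 0;
    for (; *s != '\0'; ++s) {
        if (*s == '\'')
            in_quote = !in_quote;
        else if (!in_quote && *s == '\\' && s[1] != '\0')
            ++s; /* skip the escaped byte */
        else if (!in_quote && strchr(";&|<>$`()\n", *s) != NULL)
            ++count;
    }
    return count;
}

int main(void)
{
    const char *word = ";date>>pwned"; /* sample word shown on the page */
    char *weak = backslash_escape(word, K_ESCAPE_SET);
    char *safe = shell_single_quote(word);
    if (weak == NULL || safe == NULL) return 1;
    printf("%-16s live metachars: %d\n", weak, live_metachars(weak));
    printf("%-16s live metachars: %d\n", safe, live_metachars(safe));
    free(weak); free(safe);
    return 0;
}
```

The backslash set leaves `;` and `>` untouched, so the word reaches the shell as syntax; the quoted form reaches it as a single literal argument.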

<*Source: Ben Schmidt

  Links: http://secunia.com/advisories/31592/
        http://marc.info/?l=bugtraq&m=121942586409231&w=2#2
        https://www.redhat.com/support/errata/RHSA-2008-0618.html
        https://www.redhat.com/support/errata/RHSA-2008-0617.html
        https://www.redhat.com/support/errata/RHSA-2008-0580.html
        http://www.debian.org/security/2009/dsa-1733
*>

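Test method:

Warning

The following program (method) may be offensive in nature and is provided for security research and teaching only. Use at your own risk!

Copy the example into a separate file: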

    ;xclock
    vim: set iskeyword=;,@

Place the cursor on xclock and press K; xclock will appear.

    ;date>>pwned
    vim: set iskeyword=1-255

Place the cursor on date and press K; a file named pwned is created in the current working directory.

Recommendations:
Vendor patches:

Debian
------
Debian has released a security advisory (DSA-1733-1) and corresponding patches for this issue:
DSA-1733-1: New vim packages fix multiple vulnerabilities
Link: http://www.debian.org/security/2009/dsa-1733

Patch downloads:

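Patch installation:

1. Install the patch package manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch)

2. Install the patch package automatically with apt-get:

   First, update the internal database with the following command:
   # apt-get update

   Then install the updated packages with the following command:
   # apt-get upgrade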

RedHat
------
RedHat has released a security advisory (RHSA-2008:0580-01) and corresponding patches for this issue:
RHSA-2008:0580-01: Moderate: vim security update
Link: https://www.redhat.com/support/errata/RHSA-2008-0580.html

VIM Development Group
---------------------
The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:

http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2

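This vulnerability entry was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.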