This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Georgi Guninski discovered a way to construct Vim modelines that
execute arbitrary shell commands. The vulnerability can be exploited
by including shell commands in modelines that call the glob() or
expand() functions. An attacker could trick an user to read or edit a
trojaned file with modelines enabled, after which the attacker is able
to execute arbitrary commands with the privileges of the user.
Note: It is generally recommended that VIM users use set nomodeline in
~/.vimrc to avoid the possibility of trojaned text files.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true