GLSA-201701-29 : Vim, gVim: Remote execution of arbitrary code

Medium Nessus Plugin ID 96423

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-201701-29 (Vim, gVim: Remote execution of arbitrary code)

Vim and gVim do not properly validate values for the ‘filetype’, ‘syntax’, and ‘keymap’ options.
Impact :

A remote attacker could entice a user to open a specially crafted file using Vim/gVim with certain modeline options enabled possibly resulting in execution of arbitrary code with the privileges of the process.
Workaround :

Disabling modeline support in .vimrc by adding “set nomodeline” will prevent exploitation of this flaw. By default, modeline is enabled for ordinary users but disabled for root.

Solution

All Vim users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=app-editors/vim-8.0.0106' All gVim users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=app-editors/gvim-8.0.0106'

See Also

https://security.gentoo.org/glsa/201701-29

Plugin Details

Severity: Medium

ID: 96423

File Name: gentoo_GLSA-201701-29.nasl

Version: 3.2

Type: local

Published: 2017/01/12

Updated: 2019/08/12

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:gvim, p-cpe:/a:gentoo:linux:vim, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 2017/01/11

Vulnerability Publication Date: 2016/11/23

Reference Information

CVE: CVE-2016-1248

GLSA: 201701-29