ID de Prueba:	1.3.6.1.4.1.25623.1.0.122541
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0580)
Resumen:	The remote host is missing an update for the 'vim' package(s) announced via the ELSA-2008-0580 advisory.
Descripción:	Summary: The remote host is missing an update for the 'vim' package(s) announced via the ELSA-2008-0580 advisory. Vulnerability Insight: [7.0.109-4.4z] - fix netrw [7.0.109-4.3z] - fixes CVE-2008-3074 (tar plugin) - fixes CVE-2008-3075 (zip plugin) - fixes CVE-2008-3076 (netrw plugin) - fixes CVE-2008-4101 (keyword and tag lookup) [7.0.109-4.2z] - fix some issues with netrw and remote file editing caused by the CVE-2008-2712 patch [7.0.109-4.1z] - more fixes for CVE-2008-2712 [7.0.109-4.z] - fix release [7.0.109-3.1z] - rebuild for z stream [7.0.109-3.6] - re-enable debuginfo [7.0.109-3.5] - update netrw files for CVE-2008-2712 [7.0.109-3.4] - add fixes for CVE-2007-2953 and CVE-2008-2712 Affected Software/OS: 'vim' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2953 BugTraq ID: 25095 http://www.securityfocus.com/bid/25095 Bugtraq: 20070730 FLEA-2007-0036-1 vim vim-minimal gvim (Google Search) http://www.securityfocus.com/archive/1/475076/100/100/threaded Bugtraq: 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim (Google Search) http://www.securityfocus.com/archive/1/502322/100/0/threaded Debian Security Information: DSA-1364 (Google Search) http://www.debian.org/security/2007/dsa-1364 http://www.mandriva.com/security/advisories?name=MDKSA-2007:168 http://www.mandriva.com/security/advisories?name=MDVSA-2008:236 http://secunia.com/secunia_research/2007-66/advisory/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11549 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6463 http://www.redhat.com/support/errata/RHSA-2008-0580.html http://www.redhat.com/support/errata/RHSA-2008-0617.html http://secunia.com/advisories/25941 http://secunia.com/advisories/26285 http://secunia.com/advisories/26522 http://secunia.com/advisories/26594 http://secunia.com/advisories/26653 http://secunia.com/advisories/26674 http://secunia.com/advisories/26822 http://secunia.com/advisories/32858 http://secunia.com/advisories/33410 SuSE Security Announcement: SUSE-SR:2007:018 (Google Search) http://www.novell.com/linux/security/advisories/2007_18_sr.html http://www.trustix.org/errata/2007/0026/ http://www.ubuntu.com/usn/usn-505-1 http://www.attrition.org/pipermail/vim/2007-August/001770.html http://www.vupen.com/english/advisories/2007/2687 http://www.vupen.com/english/advisories/2009/0033 http://www.vupen.com/english/advisories/2009/0904 XForce ISS Database: vim-helptagsone-code-execution(35655) https://exchange.xforce.ibmcloud.com/vulnerabilities/35655 Common Vulnerability Exposure (CVE) ID: CVE-2008-2712 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 29715 http://www.securityfocus.com/bid/29715 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080613 Collection of Vulnerabilities in Fully Patched Vim 7.1 (Google Search) http://www.securityfocus.com/archive/1/493352/100/0/threaded Bugtraq: 20080701 Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 (Google Search) http://www.securityfocus.com/archive/1/493353/100/0/threaded http://marc.info/?l=bugtraq&m=121494431426308&w=2 Bugtraq: 20080811 rPSA-2008-0247-1 gvim vim vim-minimal (Google Search) http://www.securityfocus.com/archive/1/495319/100/0/threaded http://www.rdancer.org/vulnerablevim.html http://www.openwall.com/lists/oss-security/2008/06/16/2 http://www.openwall.com/lists/oss-security/2008/10/15/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6238 http://www.redhat.com/support/errata/RHSA-2008-0618.html http://www.securitytracker.com/id?1020293 http://secunia.com/advisories/30731 http://secunia.com/advisories/32222 http://secunia.com/advisories/32864 http://secunia.com/advisories/34418 http://securityreason.com/securityalert/3951 SuSE Security Announcement: SUSE-SR:2009:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://www.ubuntu.com/usn/USN-712-1 http://www.vupen.com/english/advisories/2008/1851/references http://www.vupen.com/english/advisories/2008/2780 XForce ISS Database: vim-scripts-command-execution(43083) https://exchange.xforce.ibmcloud.com/vulnerabilities/43083 Common Vulnerability Exposure (CVE) ID: CVE-2008-3074 BugTraq ID: 32462 http://www.securityfocus.com/bid/32462 http://www.rdancer.org/vulnerablevim-shellescape.html http://www.openwall.com/lists/oss-security/2008/07/07/1 http://www.openwall.com/lists/oss-security/2008/07/07/4 http://www.openwall.com/lists/oss-security/2008/07/08/12 http://www.openwall.com/lists/oss-security/2008/07/10/7 http://www.openwall.com/lists/oss-security/2008/07/13/1 http://www.openwall.com/lists/oss-security/2008/07/15/4 http://www.openwall.com/lists/oss-security/2008/08/01/1 http://www.openwall.com/lists/oss-security/2008/10/20/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10754 Common Vulnerability Exposure (CVE) ID: CVE-2008-3075 BugTraq ID: 32463 http://www.securityfocus.com/bid/32463 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10246 Common Vulnerability Exposure (CVE) ID: CVE-2008-4101 BugTraq ID: 30795 http://www.securityfocus.com/bid/30795 Bugtraq: 20080822 Vim: Arbitrary Code Execution in Commands: K, Control-], g] (Google Search) http://www.securityfocus.com/archive/1/495662 Bugtraq: 20080825 RE: Arbitrary Code Execution in Commands: K, Control-], g] (Google Search) http://www.securityfocus.com/archive/1/495703 http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2 http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2 http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e http://www.rdancer.org/vulnerablevim-K.html http://www.openwall.com/lists/oss-security/2008/09/11/4 http://www.openwall.com/lists/oss-security/2008/09/11/3 http://www.openwall.com/lists/oss-security/2008/09/16/5 http://www.openwall.com/lists/oss-security/2008/09/16/6 http://ftp.vim.org/pub/vim/patches/7.2/7.2.010 http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10894 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5812 http://secunia.com/advisories/31592 XForce ISS Database: vim-normal-command-execution(44626) https://exchange.xforce.ibmcloud.com/vulnerabilities/44626 Common Vulnerability Exposure (CVE) ID: CVE-2008-6235 http://www.rdancer.org/vulnerablevim-netrw.html http://www.rdancer.org/vulnerablevim-netrw.v2.html http://www.rdancer.org/vulnerablevim-netrw.v5.html http://www.openwall.com/lists/oss-security/2008/10/16/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11247
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.