ID de Prueba:	1.3.6.1.4.1.25623.1.0.51297
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:029 (vim)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to vim announced via advisory MDKSA-2005:029. Javier Fernandez-Sanguino Pena discovered two vulnerabilities in scripts included with the vim editor. The two scripts, tcltags and vimspell.sh created temporary files in an insecure manner which could allow a malicious user to execute a symbolic link attack or to create, or overwrite, arbitrary files with the privileges of the user invoking the scripts. The updated packages are patched to prevent this problem. Affected versions: 10.0, 10.1, Corporate Server 2.1, Corporate Server 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:029 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0069 Risk factor : Medium CVSS Score: 4.6
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0069 Bugtraq: 20050118 [USN-61-1] vim vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110608387001863&w=2 https://bugzilla.fedora.us/show_bug.cgi?id=2343 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9402 http://www.redhat.com/support/errata/RHSA-2005-036.html http://www.redhat.com/support/errata/RHSA-2005-122.html http://securitytracker.com/id?1012938 http://secunia.com/advisories/13841/ XForce ISS Database: vim-symlink(18870) https://exchange.xforce.ibmcloud.com/vulnerabilities/18870
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.