Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:029: vim Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the vim package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:029 (vim).
Javier Fernandez-Sanguino Pena discovered two vulnerabilities in scripts
included with the vim editor. The two scripts, 'tcltags' and 'vimspell.sh'
created temporary files in an insecure manner which could allow a malicious
user to execute a symbolic link attack or to create, or overwrite, arbitrary
files with the rights of the user invoking the scripts.
The updated packages are patched to prevent this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:029
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.