
Vulnerability in VIM?

Opening a specially crafted text file with vim can execute arbitrary
commands and pass parameters to them.
Some exploit scenarios include mail user agents which use vim as editor
(mutt) or examining log files with vim. The malicious text should be near
the beginning or the end of the file which mitigates the risk.

The problem is so-called modelines, which can execute some commands in
vim, though they are intended to be sandboxed.

The cure is to put "set modelines=0" in ~/.vimrc or /etc/vim/vimrc.

Is the cure worse than the disease?

| Ron Johnson, Jr.     mailto:ron.l.johnson@cox.net          |
| Jefferson, LA  USA   http://members.cox.net/ron.l.johnson  |
|                                                            |
| "Basically, I got on the plane with a bomb. Basically, I   |
|  tried to ignite it. Basically, yeah, I intended to damage |
|  the plane."                                               |
|    RICHARD REID, who tried to blow up American Airlines    |
|                  Flight 63                                 |
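
An added example, not part of the original post: a defensive audit that flags modeline-like text in the first and last lines of a file before it is opened, and checks whether a vimrc has modeline parsing turned off. The function names are hypothetical, the regex is a broad approximation of Vim's modeline prefixes, the 5-line window is Vim's default for 'modelines', and `nomodeline` is a related Vim option the post does not mention.

```python
import re

# Broad approximation of Vim's modeline prefixes (vi:, vim:, Vim:, ex: and
# version-qualified forms like vim>=700:). It over-matches on purpose.
MODELINE_RE = re.compile(r"(?:^|\s)(?:vi|[vV]im(?:[<>=]{0,2}\d+)?|ex):")


def find_modelines(text, window=5):
    """Return (line_number, line) for modeline-like lines in the first and
    last `window` lines, the only region Vim inspects (default 5)."""
    lines = text.splitlines()
    if window <= 0:
        return []
    candidates = set(range(min(window, len(lines))))
    candidates |= set(range(max(len(lines) - window, 0), len(lines)))
    return [(i + 1, lines[i]) for i in sorted(candidates)
            if MODELINE_RE.search(lines[i])]


def vimrc_disables_modelines(vimrc_text):
    """True if the vimrc ends with modelines=0 or nomodeline in effect."""
    count, enabled = 5, True   # assumed starting values; distro defaults vary
    for raw in vimrc_text.splitlines():
        m = re.match(r"\s*set?\s+(.+)", raw)   # matches "set" and "se"
        if not m:
            continue                           # comments and other commands
        for opt in m.group(1).split():
            n = re.fullmatch(r"(?:modelines|mls)=(\d+)", opt)
            if n:
                count = int(n.group(1))
            elif opt in ("nomodeline", "noml"):
                enabled = False
            elif opt in ("modeline", "ml"):
                enabled = True
    return count == 0 or not enabled


# Constructed sample: a harmless modeline at the end of a log file.
SAMPLE_LOG = "\n".join(
    ["Jan 01 00:00:0%d host daemon: entry %d" % (i, i) for i in range(8)]
    + ["# vim: set ts=4 sw=4:"]
)

if __name__ == "__main__":
    print(find_modelines(SAMPLE_LOG))
    print(vimrc_disables_modelines('" hardening\nset modelines=0\n'))
```

A hit only means the line would be parsed as a modeline if modelines are enabled; it says nothing about whether the options in it are harmful.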
