Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysoftware updatecommand execution

Fedora Core 2 2005-017 Critical: VIM Modeline Command Execution

Ciaran McCreesh discovered a modeline vulnerability in VIM. It is possible that a malicious user could create a file containing a specially crafted modeline which could cause arbitrary command execution when viewed by a victim. Please note that this issue only affects users who have modelines and filetype plugins enabled, which is not the default. Javier Fernández-Sanguino Peña discovered insecure usage of temporary files in two scripts shipped with vim. It is possible that a malicious user could guess the names of the temporary files and start a symlink attack.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-017 2005-01-12 ---------------------------------------------------------------------Product : Fedora Core 2 Name : vim Version : 6.3.054 Release : 0.fc2.1 Summary : The VIM editor. Description : VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ---------------------------------------------------------------------Update Information: These packages fix a lot of minor issues and update vim to version 6.3 with the latest patch level currently available. Ciaran McCreesh discovered a modeline vulnerability in VIM. It is possible that a malicious user could create a file containing a specially crafted modeline which could cause arbitrary command execution when viewed by a victim. Please note that this issue only affects users who have modelines and filetype plugins enabled, which is not the default. The Common Vulnerabilities and Exposures project has assigned the name CAN-2004-1138 to this issue. Javier Fernández-Sanguino Peña discovered insecure usage of temporary files in two scripts shipped with vim. It is possible that a malicious user could guess the names of thetemporary files and start a symlink attack. ---------------------------------------------------------------------* Tue Jan 11 2005 Karsten Hopp 6.3.054-0.fc2.1 - patchlevel 54 - fix usage of temporary files (#144698) * Tue Dec 14 2004 Karsten Hopp 6.3.046-0.fc3.1 - patchlevel 46 (#142446) CAN-2004-1138 * Tue Oct 19 2004 Karsten Hopp 6.3.030-3 - fix dependencies on vim-common (#132371) * Mon Oct 11 2004 Karsten Hopp 6.3.030-2 - add cscope to vimrc so that cscope DB will be used automatically when available * Fri Oct 08 2004 Karsten Hopp 6.3.030-2 - patchlevel 30 ---------------------------------------------------------------------This update can be downloaded from: b6c258b80caab8a3b2b5ce9f2e27740c SRPMS/vim-6.3.054-0.fc2.1.src.rpm fcd204307748c400f700113b3f483dd6 x86_64/vim-common-6.3.054-0.fc2.1.x86_64.rpm ec0d100831f5ebca86d05cb8dd706162 x86_64/vim-minimal-6.3.054-0.fc2.1.x86_64.rpm 9c080e2547b11bae9e798c76e14fed67 x86_64/vim-enhanced-6.3.054-0.fc2.1.x86_64.rpm 92e5f1e2ffb98d2aa8908110a9ba3422 x86_64/vim-X11-6.3.054-0.fc2.1.x86_64.rpm 5aee899af794d4d7b9500d1851fe9fd8 x86_64/debug/vim-debuginfo-6.3.054-0.fc2.1.x86_64.rpm e71dc4c541260a63247e8827a613d913 i386/vim-common-6.3.054-0.fc2.1.i386.rpm 09638541a07d7a812f2828f881584dbf i386/vim-minimal-6.3.054-0.fc2.1.i386.rpm b1900f8fdac96db659a305c3f6018572 i386/vim-enhanced-6.3.054-0.fc2.1.i386.rpm 3cc4b0f836d405c9924e1dadd1a477b8 i386/vim-X11-6.3.054-0.fc2.1.i386.rpm fb0fe667dc0d601f7522c865ca64f8c7 i386/debug/vim-debuginfo-6.3.054-0.fc2.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -----------------------------------------------------------------------fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The latest Fedora Core 2 release tackles a critical modeline flaw and a symbolic link vulnerability found in the VIM text editor, prioritizing user security.. Vim Security,FedoraUpdate,Command Execution,Symlink Attack,Modeline Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 12, 2005 Critical Fedora
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Linuxcritical

Red Hat Linux Updates: RHSA-2002:297-17 Critical Vim Command Risk

Georgi Guninski found that these comments can be carefully crafted in order to call external programs. This could allow an attacker to create a text file such that when it is opened arbitrary commands are executed.. ` --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated vim packages fix modeline vulnerability Advisory ID: RHSA-2002:297-17 Issue date: 2003-01-16 Updated on: 2003-01-15 Product: Red Hat Linux Keywords: vim modeline security Cross references: Obsoletes: RHEA-2002:017 CVE Names: CAN-2002-1377 --------------------------------------------------------------------- 1. Topic: Updated vim packages are now available for Red Hat Linux. These updates resolve a security issue when opening a specially crafted text file. 2. Relevant releases/architectures: Red Hat Linux 6.2 - i386 Red Hat Linux 7.0 - i386 Red Hat Linux 7.1 - i386 Red Hat Linux 7.2 - i386, ia64 Red Hat Linux 7.3 - i386 Red Hat Linux 8.0 - i386 3. Problem description: VIM (Vi IMproved) is a version of the vi editor. VIM allows a user to set the modeline differently for each edited text file by placing special comments in the files. Georgi Guninski found that these comments can be carefully crafted in order to call external programs. This could allow an attacker to create a text file such that when it is opened arbitrary commands are executed. Users of VIM are advised to upgrade to these errata packages which have been patched to disable the usage of dangerous functions in modelines. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed butincluded in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Linux 6.2: SRPMS: i386: Red Hat Linux 7.0: SRPMS: i386: Red Hat Linux 7.1: SRPMS: i386: Red Hat Linux 7.2: SRPMS: i386: ia64: Red Hat Linux 7.3: SRPMS: i386: Red Hat Linux 8.0: SRPMS: i386: 6. Verification: MD5 sum Package Name -------------------------------------------------------------------------- e9f881277e228d8fa236a62a4708c4cc 6.2/en/os/SRPMS/vim-6.1-18.6x.3.src.rpm 0e1ab8d86a448125d0d7ca46d4d03ce9 6.2/en/os/i386/vim-X11-6.1-18.6x.3.i386.rpm f591194bc8b067e9b17c128f41438c9c 6.2/en/os/i386/vim-common-6.1-18.6x.3.i386.rpm 2ffa90ad19b84cea780fbf97ba7f041e 6.2/en/os/i386/vim-enhanced-6.1-18.6x.3.i386.rpm cb3efa24eb8918f84d01102389e46c75 6.2/en/os/i386/vim-minimal-6.1-18.6x.3.i386.rpm 4577eb89b6c01717928cbbba1e8e8d1f 7.0/en/os/SRPMS/vim-6.1-18.7x.2.src.rpm 1ec98d3dae05d1b054130e39763ea992 7.0/en/os/i386/vim-X11-6.1-18.7x.2.i386.rpm 90ec6d2b9129dfce14b7cec28b01a155 7.0/en/os/i386/vim-common-6.1-18.7x.2.i386.rpm 732a4a8c7e45a24dab4713582ecdd197 7.0/en/os/i386/vim-enhanced-6.1-18.7x.2.i386.rpm e310b4b5a4fc1fc17d6e7389b0093c44 7.0/en/os/i386/vim-minimal-6.1-18.7x.2.i386.rpm 4577eb89b6c01717928cbbba1e8e8d1f 7.1/en/os/SRPMS/vim-6.1-18.7x.2.src.rpm 1ec98d3dae05d1b054130e39763ea992 7.1/en/os/i386/vim-X11-6.1-18.7x.2.i386.rpm 90ec6d2b9129dfce14b7cec28b01a155 7.1/en/os/i386/vim-common-6.1-18.7x.2.i386.rpm 732a4a8c7e45a24dab4713582ecdd1977.1/en/os/i386/vim-enhanced-6.1-18.7x.2.i386.rpm e310b4b5a4fc1fc17d6e7389b0093c44 7.1/en/os/i386/vim-minimal-6.1-18.7x.2.i386.rpm 4577eb89b6c01717928cbbba1e8e8d1f 7.2/en/os/SRPMS/vim-6.1-18.7x.2.src.rpm 1ec98d3dae05d1b054130e39763ea992 7.2/en/os/i386/vim-X11-6.1-18.7x.2.i386.rpm 90ec6d2b9129dfce14b7cec28b01a155 7.2/en/os/i386/vim-common-6.1-18.7x.2.i386.rpm 732a4a8c7e45a24dab4713582ecdd197 7.2/en/os/i386/vim-enhanced-6.1-18.7x.2.i386.rpm e310b4b5a4fc1fc17d6e7389b0093c44 7.2/en/os/i386/vim-minimal-6.1-18.7x.2.i386.rpm b0f8f9b715b76081f9eb6cfa8be4d66b 7.2/en/os/ia64/vim-X11-6.1-18.7x.2.ia64.rpm dde9fb8c41834ed2851e625baf8021fe 7.2/en/os/ia64/vim-common-6.1-18.7x.2.ia64.rpm 7d99e5d8c7acbee0e76c46d094a7c8a7 7.2/en/os/ia64/vim-enhanced-6.1-18.7x.2.ia64.rpm 2fe4f373692275e58f692c89f04bacaa 7.2/en/os/ia64/vim-minimal-6.1-18.7x.2.ia64.rpm 4577eb89b6c01717928cbbba1e8e8d1f 7.3/en/os/SRPMS/vim-6.1-18.7x.2.src.rpm 1ec98d3dae05d1b054130e39763ea992 7.3/en/os/i386/vim-X11-6.1-18.7x.2.i386.rpm 90ec6d2b9129dfce14b7cec28b01a155 7.3/en/os/i386/vim-common-6.1-18.7x.2.i386.rpm 732a4a8c7e45a24dab4713582ecdd197 7.3/en/os/i386/vim-enhanced-6.1-18.7x.2.i386.rpm e310b4b5a4fc1fc17d6e7389b0093c44 7.3/en/os/i386/vim-minimal-6.1-18.7x.2.i386.rpm 7662f8b82c03dc12af971abc7eec166c 8.0/en/os/SRPMS/vim-6.1-18.8x.1.src.rpm 0b19e93621c1a3bc34d8cbff32409c5b 8.0/en/os/i386/vim-X11-6.1-18.8x.1.i386.rpm 290188637a0f61a80e39954c9e8f3850 8.0/en/os/i386/vim-common-6.1-18.8x.1.i386.rpm 48a8bdfe8a6460c2f0498275f813dc97 8.0/en/os/i386/vim-enhanced-6.1-18.8x.1.i386.rpm da89d37820bc1441f51310ca93edf62a 8.0/en/os/i386/vim-minimal-6.1-18.8x.1.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at About You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: md5sum 7. References: Some vim problems, yet still vim much better than windows http://marc.theaimsgroup.com/?l=full-disclosure&m=103972417823566 CVE -CVE-2002-1377 8. Contact: The Red Hat security contact is . More contact details at All Red Hat products Copyright 2003 Red Hat, Inc. _______________________________________________ Red Hat-watch-list mailing list To unsubscribe, visit: `. To combat command execution vulnerabilities in vim on Red Hat Linux, implement key strategies to improve your system's security and resilience against attacks. vim Security Flaw, Command Execution Fix, Red Hat Advisory, Modeline Vulnerability, Vim Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 16, 2003 Critical Red Hat
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here