Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] For all you vi heathen ;-)



I believe one important detail that is not said here in order to take advantage of this exploit is that a remote user needs to get access to rvim in order to exploit rvim. The exploit patch seems to fix the sandbox file write commands, so this would indicate that you are allowing remote people to access your system to run rvim in the first place. If you're allowing remote users in to access rvim then you're kinda opening the floodgates on any system.

https://github.com/vim/vim/commit/8c62a08faf89663e5633dc5036cd8695c80f1075

-osburn-


On Thu, 16 Jul 2020, Stephen J. Turnbull wrote:

Date: Thu, 16 Jul 2020 06:59:44
From: Stephen J. Turnbull <stephen@example.com>
Reply-To: Tokyo Linux Users Group <tlug@example.com>
To: tlug@example.com
Subject: [tlug] For all you vi heathen ;-)

Most recent MacOS update includes this RCE in vi.  From
https://support.apple.com/kb/HT211289:

   Vim
   Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
   Impact: A remote attacker may be able to cause arbitrary code execution
   Description: This issue was addressed with improved checks.
   CVE-2019-20807: Guilherme de Almeida Suckevicz

Bon apetit!





Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links