BID:30115

Netrw Vim Script Multiple Command Execution Vulnerabilities

Info

Netrw Vim Script Multiple Command Execution Vulnerabilities

Bugtraq ID:	30115
Class:	Input Validation Error
CVE:	CVE-2008-3076
Remote:	Yes
Local:	No
Published:	Jul 07 2008 12:00AM
Updated:	Mar 24 2009 05:46PM
Credit:	Jan Min&amp;amp;#225;r
Vulnerable:	Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 server Mandriva Linux Mandrake 2009.0 x86_64 Mandriva Linux Mandrake 2009.0 Mandriva Linux Mandrake 2008.1 x86_64 Mandriva Linux Mandrake 2008.1 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Dr Chip netrw 125 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 armel Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0

Not Vulnerable:

Discussion

Netrw Vim Script Multiple Command Execution Vulnerabilities

Netrw is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data.

Successfully exploiting these issues can allow an attacker to execute arbitrary commands with the privileges of the user running the affected application.

Netrw 125 is vulnerable; other versions may also be affected.

Exploit / POC

Netrw Vim Script Multiple Command Execution Vulnerabilities

The following expoit code is available:

/data/vulnerabilities/exploits/vulnerablevim-netrw.tar.bz2

Solution / Fix

Netrw Vim Script Multiple Command Execution Vulnerabilities

Solution:
Updates are available. Please see the references for more information.

Debian Linux 4.0 amd64

Debian vim-common_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_amd64.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_amd64.deb

Debian vim-gnome_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_amd64.deb

Debian vim-gtk_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_amd64.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_amd64.deb

Debian vim-perl_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_amd64.deb

Debian vim-python_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_amd64.deb

Debian vim-ruby_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_amd64.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_amd64.deb

Debian vim-tiny_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_amd64.deb

Debian vim_7.0-122+1etch5_amd64.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ amd64.deb

Mandriva Linux Mandrake 2008.1 x86_64

Mandriva vim-common-7.2.065-9.2mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/

Debian Linux 4.0 ia-32

Debian vim-common_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_i386.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_i386.deb

Debian vim-gnome_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_i386.deb

Debian vim-gtk_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_i386.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_i386.deb

Debian vim-perl_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_i386.deb

Debian vim-python_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_i386.deb

Debian vim-ruby_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_i386.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_i386.deb

Debian vim-tiny_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_i386.deb

Debian vim_7.0-122+1etch5_i386.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ i386.deb

Debian Linux 4.0 arm

Debian vim-common_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_arm.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_arm.deb

Debian vim-gnome_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_arm.deb

Debian vim-gtk_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_arm.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_arm.deb

Debian vim-perl_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_arm.deb

Debian vim-python_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_arm.deb

Debian vim-ruby_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_arm.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_arm.deb

Debian vim-tiny_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_arm.deb

Debian vim_7.0-122+1etch5_arm.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ arm.deb

Mandriva Linux Mandrake 2008.1

Mandriva vim-common-7.2.065-9.2mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/

Debian Linux 4.0 hppa

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian Linux 4.0 sparc

Debian vim-common_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_sparc.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_sparc.deb

Debian vim-gnome_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_sparc.deb

Debian vim-gtk_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_sparc.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_sparc.deb

Debian vim-perl_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_sparc.deb

Debian vim-python_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_sparc.deb

Debian vim-ruby_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_sparc.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_sparc.deb

Debian vim-tiny_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_sparc.deb

Debian vim_7.0-122+1etch5_sparc.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ sparc.deb

Debian Linux 4.0 s/390

Debian vim-common_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_s390.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_s390.deb

Debian vim-gnome_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_s390.deb

Debian vim-gtk_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_s390.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_s390.deb

Debian vim-perl_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_s390.deb

Debian vim-python_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_s390.deb

Debian vim-ruby_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_s390.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_s390.deb

Debian vim-tiny_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_s390.deb

Debian vim_7.0-122+1etch5_s390.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ s390.deb

Mandriva Linux Mandrake 2009.0

Mandriva vim-common-7.2.065-9.2mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Debian Linux 4.0 powerpc

Debian vim-common_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_powerpc.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_powerpc.deb

Debian vim-gnome_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_powerpc.deb

Debian vim-gtk_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_powerpc.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_powerpc.deb

Debian vim-perl_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_powerpc.deb

Debian vim-python_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_powerpc.deb

Debian vim-ruby_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_powerpc.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_powerpc.deb

Debian vim-tiny_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_powerpc.deb

Debian vim_7.0-122+1etch5_powerpc.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ powerpc.deb

Debian Linux 4.0 alpha

Debian vim-common_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_alpha.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_alpha.deb

Debian vim-gnome_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_alpha.deb

Debian vim-gtk_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_alpha.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_alpha.deb

Debian vim-perl_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_alpha.deb

Debian vim-python_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_alpha.deb

Debian vim-ruby_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_alpha.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_alpha.deb

Debian vim-tiny_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_alpha.deb

Debian vim_7.0-122+1etch5_alpha.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ alpha.deb

Debian Linux 4.0 armel

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian Linux 4.0 m68k

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

MandrakeSoft Corporate Server 4.0

Mandriva vim-common-7.2.065-8.2.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-8.3.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-8.2.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-8.3.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-8.2.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-8.3.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-8.2.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-8.3.20060mlcs4.i586.rpm
http://www.mandriva.com/en/download/

Debian Linux 4.0

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Mandriva Linux Mandrake 2009.0 x86_64

Mandriva vim-common-7.2.065-9.2mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Debian Linux 4.0 mipsel

Debian vim-common_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_mipsel.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_mipsel.deb

Debian vim-gnome_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_mipsel.deb

Debian vim-gtk_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_mipsel.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_mipsel.deb

Debian vim-perl_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_mipsel.deb

Debian vim-python_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_mipsel.deb

Debian vim-ruby_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_mipsel.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_mipsel.deb

Debian vim-tiny_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_mipsel.deb

Debian vim_7.0-122+1etch5_mipsel.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ mipsel.deb

Mandriva Linux Mandrake 2008.0 x86_64

Mandriva vim-common-7.2.065-9.2mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2008.0

Mandriva vim-common-7.2.065-9.2mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/

Debian Linux 4.0 ia-64

Debian vim-common_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_ia64.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_ia64.deb

Debian vim-gnome_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_ia64.deb

Debian vim-gtk_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_ia64.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_ia64.deb

Debian vim-perl_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_ia64.deb

Debian vim-python_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_ia64.deb

Debian vim-ruby_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_ia64.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_ia64.deb

Debian vim-tiny_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_ia64.deb

Debian vim_7.0-122+1etch5_ia64.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ ia64.deb

Debian Linux 4.0 mips

Debian vim-common_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-common_7.0-122+ 1etch5_mips.deb

Debian vim-doc_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-doc_7.0-122+1et ch5_all.deb

Debian vim-full_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-full_7.0-122+1e tch5_mips.deb

Debian vim-gnome_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gnome_7.0-122+1 etch5_mips.deb

Debian vim-gtk_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gtk_7.0-122+1et ch5_mips.deb

Debian vim-gui-common_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-gui-common_7.0- 122+1etch5_all.deb

Debian vim-lesstif_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-lesstif_7.0-122 +1etch5_mips.deb

Debian vim-perl_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-perl_7.0-122+1e tch5_mips.deb

Debian vim-python_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-python_7.0-122+ 1etch5_mips.deb

Debian vim-ruby_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-ruby_7.0-122+1e tch5_mips.deb

Debian vim-runtime_7.0-122+1etch5_all.deb
http://security.debian.org/pool/updates/main/v/vim/vim-runtime_7.0-122 +1etch5_all.deb

Debian vim-tcl_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tcl_7.0-122+1et ch5_mips.deb

Debian vim-tiny_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim-tiny_7.0-122+1e tch5_mips.deb

Debian vim_7.0-122+1etch5_mips.deb
http://security.debian.org/pool/updates/main/v/vim/vim_7.0-122+1etch5_ mips.deb

MandrakeSoft Multi Network Firewall 2.0

Mandriva vim-common-7.2.065-9.2.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 3.0 x86_64

Mandriva vim-common-7.2.065-9.2.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3.C30mdk.x86_64.rpm
http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 3.0

Mandriva vim-common-7.2.065-9.2.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-9.3.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.2.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.2.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-9.3.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.2.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-9.3.C30mdk.i586.rpm
http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 4.0 x86_64

Mandriva vim-common-7.2.065-8.2.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-common-7.2.065-8.3.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-8.2.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-enhanced-7.2.065-8.3.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-8.2.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-minimal-7.2.065-8.3.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-8.2.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva vim-X11-7.2.065-8.3.20060mlcs4.x86_64.rpm
http://www.mandriva.com/en/download/

References

Netrw Vim Script Multiple Command Execution Vulnerabilities

References:

Arbitrary code execution in Netrw version 125, Vim 7.2a.10 (Jan Minár)
Vendor Homepage (Dr Chip)