65025 – (CVE-2005-0069) VUL-0: CVE-2005-0069: vim: insecure temp file handling

Bug 65025 (CVE-2005-0069) - VUL-0: CVE-2005-0069: vim: insecure temp file handling

Summary: VUL-0: CVE-2005-0069: vim: insecure temp file handling

Status:	RESOLVED FIXED

Alias:	CVE-2005-0069

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	All Linux

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Mads Martin Joergensen
QA Contact:	Security Team bot

URL:
Whiteboard:	CVE-2005-0069: CVSS v2 Base Score: 4....
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2005-01-20 20:23 UTC by Thomas Biege
Modified:	2021-10-27 11:53 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
vendor-sec discussion (9.30 KB, text/plain) 2005-01-20 20:57 UTC, Thomas Biege	Details
vim.diff (975 bytes, patch) 2005-01-20 20:57 UTC, Thomas Biege	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Biege 2005-01-20 20:23:13 UTC

Hi mmj, 
and we got another issue. Now it's insecure creation/usage of temp. files. 
 
http://secunia.com/advisories/13841/ 
 
CAN-2005-0069 
 
I'll append the full discussion and patch ASAP.

Comment 1 Thomas Biege 2005-01-20 20:23:13 UTC

<!-- SBZ_reproduce  -->
-

Comment 2 Thomas Biege 2005-01-20 20:57:27 UTC

Created attachment 27784 [details]
vendor-sec discussion

Comment 3 Thomas Biege 2005-01-20 20:57:41 UTC

Created attachment 27785 [details]
vim.diff

Comment 4 Mads Martin Joergensen 2005-01-21 03:00:11 UTC

Am I right in assuming that since these tools are the nature they are
we just want a fix for STABLE, and don't want to go through full security
update?

Comment 5 Mads Martin Joergensen 2005-01-21 03:14:13 UTC

Fixed, reopen if you want a full blown advisory.

Comment 6 Thomas Biege 2005-01-21 17:34:17 UTC

it's ok. thx.

Comment 7 Thomas Biege 2009-10-13 20:59:14 UTC

CVE-2005-0069: CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)