[VIM] apt-webshop-system issue

Steven M. Christey coley at mitre.org
Mon Apr 10 18:27:29 EDT 2006

FYI, some vuln DBs are skipping this item from r0t's advisory:




This smells like directory traversal or some related issue.  I did not
investigate extensively since the vendor site is in German and the
source does not appear to be available; however, a simple modification
of the warp value in one of the "demo-shops" generated a verbose error
message that suggested a problem in pathname construction.

- Steve

More information about the VIM mailing list