[VIM] CVE-2006-1780

Steven M. Christey coley at linus.mitre.org
Tue Apr 25 14:33:17 EDT 2006


On Wed, 19 Apr 2006, Sullo wrote:

> I know this is a long-shot, but does anyone have any information as to
> how this is exploited?  All the statements are pretty vague about
> whether this allows a single user to DoS other users, or if it's just
> their own processes...

If it's a self-DoS, I wouldn't expect it to be labeled a security issue.

Unfortunately, I don't know any more than what's in the Sun advisory.  I
suspect that it might involve temporary files that are created to support
pipes or some other form of IPC.  Maybe another user can kill a file while
it's being used, but I wouldn't expect that to happen in a directory with
the sticky bit set.  So, I'm at a loss here...

- Steve


More information about the VIM mailing list