[VIM] CVE-2006-7184 / OSVDB 33999 (Exhibit Engine)

George A. Theall theall at tenablesecurity.com
Mon Jan 5 00:59:57 UTC 2009

On Jan 3, 2009, at 2:40 AM, security curmudgeon wrote:

> CVE shows provenance unknown. I noticed that CVE/osvdb say  
> "fstyles.php" and "fetchsettings.php" are vulnerable. Nessus plugin  
> 23640 shows "styles.php" and I presume the author (not Tenable)  
> tested the script.

I grabbed the source for version 1.22 when Justin wrote the Nessus  
plugin. The distribution tarball contains 'fetchsettings.php' and a  
'styles.php' but no 'fstyles.php'.

I also have the source for the earlier 1.5 RC4 -- that contains  
'fetchsettings.php' but not 'styles.php' or 'fstyles.php'.

theall at tenablesecurity.com

More information about the VIM mailing list