CVE-2008-3076
Published 2009-02-21
Priority P3 54 · critical 9.3 · CVSS 2.0
AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS 9.02% (94.6th percentile)
The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | vim | < vim 2:7.2.010-1 (bookworm) | vim 2:7.2.010-1 (bookworm) |
| vim | vim | — | — |
| vim | vim | >= 0 < 2:7.2.010-1 | 2:7.2.010-1 |
| vim | vim | >= 0 < 2:7.2.010-1 | 2:7.2.010-1 |
| vim | vim | >= 0 < 2:7.2.010-1 | 2:7.2.010-1 |
| vim | vim | >= 0 < 2:7.2.010-1 | 2:7.2.010-1 |
CVSS provenance
nvd · v2.0 · 9.3 · CRITICAL · AV:N/AC:M/Au:N/C:C/I:C/A:C
osv · 9.3 · CRITICAL
vendor_debian · 9.3 · CRITICAL
vendor_redhat · 9.3 · CRITICAL
GHSA
GHSA-f5qf-9pc8-pr89: The Netrw plugin 125 in netrw
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2008-3076 [CRITICAL] CWE-78 GHSA-f5qf-9pc8-pr89: The Netrw plugin 125 in netrw
OSV
CVE-2008-3076: The Netrw plugin 125 in netrw
osv·2009-02-21·CVSS 9.3
CVE-2008-3076 [CRITICAL] CVE-2008-3076: The Netrw plugin 125 in netrw
Red Hat
plugin: lack of sanitization throughout netrw.vim can lead to arbitrary code execution
vendor_redhat·2008-07-15·CVSS 9.3
CVE-2008-3076 [CRITICAL] plugin: lack of sanitization throughout netrw.vim can lead to arbitrary code execution
Statement: Not vulnerable. This issue did not affect the versions of the Vim packages, as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.
Note: This CVE is mentioned in the text of RHSA-2008:0580 as it was originally used to track multiple issues. Issues that affected Vim packages in Red Hat Enterprise Linux 5 were later assigned separat
Debian
CVE-2008-3076: vim - The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers ...
vendor_debian·2008·CVSS 9.3
CVE-2008-3076 [CRITICAL] CVE-2008-3076: vim - The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers ...
Scope: local
bookworm: resolved (fixed in 2:7.2.010-1)
bullseye: resolved (fixed in 2:7.2.010-1)
forky: resolved (fixed in 2:7.2.010-1)
sid: resolved (fixed in 2:7.2.010-1)
trixie: resolved (fixed in 2:7.2.010-1)
No detection rules found.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
http://marc.info/?l=bugtraq&m=121494431426308&w=2
http://marc.info/?l=oss-security&m=122416184431388&w=2
http://secunia.com/advisories/34418
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324
http://www.mandriva.com/security/advisories?name=MDVSA-2008:236
http://www.openwall.com/lists/oss-security/2008/07/07/1
http://www.openwall.com/lists/oss-security/2008/07/07/4
http://www.openwall.com/lists/oss-security/2008/07/08/12
http://www.openwall.com/lists/oss-security/2008/10/20/2
http://www.rdancer.org/vulnerablevim-netrw.html
http://www.rdancer.org/vulnerablevim-netrw.v2.html
http://www.redhat.com/support/errata/RHSA-2008-0580.html
http://www.securityfocus.com/bid/30115
https://exchange.xforce.ibmcloud.com/vulnerabilities/43624