Date: Tue, 21 Nov 2017 16:11:46 +0100
From: Matthias Weckbecker <matthias@...kbecker.name>
To: oss-security@...ts.openwall.com
Subject: Re: Fw: Security risk of vim swap files

Hi,

On Tue, Oct 31, 2017 at 01:23:52PM +0100, Hanno Boeck wrote:
> I just sent this to the vim dev list, but I guess it's interesting for
> oss-security, too.
> [...]
>
> I wanted to point out an issue here with vim swap files that make them
> a security problem.

This is not limited to swap files.

> On web servers this can be a severe security risk. One can e.g. scan
> for web hosts that have swap files of PHP configuration files and thus
> expose settings like database passwords. (e.g. wget
> http://example.com/.wp-config.php.swp )
>
> In a scan of the alexa top 1 million I found ~750 instances of such
> files. I tried to inform affected people as best as I could. I also
> discovered such scans in my own web server logs, so I assume black hats
> are already aware of this and it's actively exploited.

One might want to consider adding e.g. .un~ files to the scanning too.
Unless 'undodir' is configured in ~/.vimrc, those files end up in the
same directory if 'undofile' is set.

Matthias
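The defender-side counterpart to the problem discussed in this thread is checking your own document root for editor artifacts before they are served. The script below is an added example, not code from the thread or from either author: it walks a directory tree and reports files named the way vim names them by default, covering the swap files Hanno describes (dot-prefixed, `.swp` and sibling suffixes), the `.un~` undo files Matthias adds, and `~` backup files, which follow the same pattern. The sample webroot it builds in a temporary directory, and the filenames in it, are constructed for the demonstration.

```python
import os
import re
import tempfile

# Filename patterns vim uses when it writes next to the edited file
# (the default when 'directory', 'undodir' and 'backupdir' point at ".").
# Order matters: ".name.un~" also ends in "~", so "undo" is checked before "backup".
ARTIFACT_PATTERNS = {
    "swap":   re.compile(r"^\..+\.sw[a-p]$"),   # .wp-config.php.swp, .swo, .swn ...
    "undo":   re.compile(r"^\..+\.un~$"),       # .wp-config.php.un~ (when 'undofile' is set)
    "backup": re.compile(r"^.+~$"),             # wp-config.php~ (when 'backup'/'writebackup' keep one)
}


def classify(name):
    """Return the artifact kind for a bare filename, or None if it looks clean."""
    for kind, pattern in ARTIFACT_PATTERNS.items():
        if pattern.match(name):
            return kind
    return None


def find_editor_artifacts(root):
    """Walk a document root and return sorted (relative_path, kind) pairs.

    Paths are normalised to forward slashes so results compare the same on any OS.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            kind = classify(name)
            if kind:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                hits.append((rel.replace(os.sep, "/"), kind))
    return sorted(hits)


def build_demo_webroot():
    """Create a throwaway directory tree with constructed sample files (not real data)."""
    root = tempfile.mkdtemp(prefix="webroot-demo-")
    os.makedirs(os.path.join(root, "wp-content"))
    sample_files = [
        "index.php",                  # clean
        "wp-config.php",              # clean: the real config
        ".wp-config.php.swp",         # swap file left by an interrupted vim session
        ".wp-config.php.un~",         # persistent undo history of the same file
        "wp-config.php~",             # backup copy written on save
        "wp-content/.htaccess",       # clean: dot-file that is not an editor artifact
        "wp-content/.plugin.php.swo", # second swap file in a subdirectory
    ]
    for rel in sample_files:
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("constructed sample content\n")
    return root


if __name__ == "__main__":
    demo_root = build_demo_webroot()
    for rel, kind in find_editor_artifacts(demo_root):
        print(f"{kind:7} {rel}")
```

Running it against a real document root instead of the demo tree is a matter of passing that path to `find_editor_artifacts`. The lasting fix is the one the reply points at: set vim's `directory`, `undodir` and `backupdir` options to a location outside any web-served tree (a trailing `//` on the path makes vim encode the full original path into the artifact's name, so files from different projects do not collide), and deny the server access to these names as a second layer in case someone edits with a different configuration.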