Lucene search

K

Gentoo FoundationGLSA-200703-26

HistoryMar 30, 2007 - 12:00 a.m.

file: Integer underflow

2007-03-3000:00:00

Gentoo Foundation

security.gentoo.org

26

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.049

Percentile

92.8%

Background

file is a utility that guesses a file format by scanning binary data for patterns.

Description

Jean-Sebastien Guay-Leroux reported an integer underflow in file_printf function.

Impact

A remote attacker could entice a user to run the “file” program on a specially crafted file that would trigger a heap-based buffer overflow possibly leading to the execution of arbitrary code with the rights of the user running “file”. Note that this vulnerability could be also triggered through an automatic file scanner like amavisd-new.

Workaround

There is no known workaround at this time.

Resolution

Since file is a system package, all Gentoo users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=sys-apps/file-4.20"

OSVersionArchitecturePackageVersionFilename
Gentooanyallsys-apps/file< 4.20UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.049

Percentile

92.8%

Related for GLSA-200703-26

openvas23 nessus20 oraclelinux1 nvd2 slackware1 cert1 cve2 exploitdb1 centos2 redhat2 freebsd1 prion2 debiancve2 ubuntucve2 freebsd_advisory1 fedora1 ubuntu1 debian2 cvelist2 suse1 securityvulns1 gentoo2 veracode1 seebug1