drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in file
| Name: |
Ausführen beliebiger Kommandos in file |
|
| ID: |
TLSA-2007-22 |
|
| Distribution: |
TurboLinux |
|
| Plattformen: |
Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, TurboLinux wizpy |
|
| Datum: |
Mi, 4. April 2007, 03:50 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 |
|
| Applikationen: |
file |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-22
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 03 Apr 2007
Last revised: 03 Apr 2007
Package: file
Summary: Integer underflow
More information:
File tests each argument in an attempt to classify it. There are
three sets of tests, performed in this order: filesystem tests, magic
number tests, and language tests. The first test that succeeds causes
the file type to be printed.
The integer underflow exists in file command.
Impact:
This vulnerability may allow attackers to execute arbitrary code via
a file that triggers a heap-based buffer overflow.
Affected Products:
- wizpy
- Turbolinux FUJI
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal
<wizpy>
Source Packages
Size: MD5
file-4.14-3.src.rpm
560267 ad3a7203d316af2a68354f0d8842daf2
Binary Packages
Size: MD5
file-4.14-3.i386.rpm
220917 9621813b7e5ed62383a34f4a5eb19fe1
<Turbolinux Appliance Server 2.0>
Source Packages
Size: MD5
file-4.07-2.src.rpm
371814 20a35f719944b847fe5017b32a1a4e6c
Binary Packages
Size: MD5
file-4.07-2.i586.rpm
184754 b11f0c34aa6460062c4edae923cc46f5
file-devel-4.07-2.i586.rpm
35904 f9a0c73c8c11446dae4d8c35e96ab577
<Turbolinux FUJI>
Source Packages
Size: MD5
file-4.14-3.src.rpm
560267 e091b8a4b4b9b2348c5defb386dea2ab
Binary Packages
Size: MD5
file-4.14-3.i686.rpm
268183 b84e4014653f989aa08ac1cf52b53a7f
file-devel-4.14-3.i686.rpm
39297 38eb8c3fe1760eb7f62884ddf5742d3b
<Turbolinux 10 Server x64 Edition>
Source Packages
Size: MD5
file-4.07-2.src.rpm
371814 cea14e28fbb736280c7ade0963f58232
Binary Packages
Size: MD5
file-4.07-2.x86_64.rpm
186934 47312cb7d007935f67da74311eb2931e
file-debug-4.07-2.x86_64.rpm
103715 4bd9e1b287ab46fd802f0468562c3ade
file-devel-4.07-2.x86_64.rpm
37829 81eea6d1e50f0b75e22b6ee26b5eb8b6
<Turbolinux 10 Server>
Source Packages
Size: MD5
file-4.07-2.src.rpm
371814 20a35f719944b847fe5017b32a1a4e6c
Binary Packages
Size: MD5
file-4.07-2.i586.rpm
184754 b11f0c34aa6460062c4edae923cc46f5
file-debug-4.07-2.i586.rpm
105072 3befdc63307ced85cc65a4ae4d14b4ab
file-devel-4.07-2.i586.rpm
35904 f9a0c73c8c11446dae4d8c35e96ab577
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux
Multimedia, Turbolinux Personal>
Source Packages
Size: MD5
file-4.03-5.src.rpm
356401 6b4c1f80f2ba99c1c81033b6859ae28b
Binary Packages
Size: MD5
file-4.03-5.i586.rpm
173869 8efa29ec35d119b6db28c6c3f2c57de4
References:
CVE
[CVE-2007-1536]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
--------------------------------------------------------------------------
Revision History
03 Apr 2007 Initial release
--------------------------------------------------------------------------
Copyright(C) 2006 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGEhE6K0LzjOqIJMwRApDiAJsH5GEvkr8e7WO2Nm0M6BJleak/5QCdFlxB
oGVPeIeZykmsQ2vTau2dxUI=
=+U2k
-----END PGP SIGNATURE-----
|
|
|
|
