drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in file
Name: |
Ausführen beliebiger Kommandos in file |
|
ID: |
TLSA-2007-22 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, TurboLinux wizpy |
|
Datum: |
Mi, 4. April 2007, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 |
|
Applikationen: |
file |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2007-22 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 03 Apr 2007 Last revised: 03 Apr 2007
Package: file
Summary: Integer underflow
More information: File tests each argument in an attempt to classify it. There are three sets of tests, performed in this order: filesystem tests, magic number tests, and language tests. The first test that succeeds causes the file type to be printed.
The integer underflow exists in file command.
Impact: This vulnerability may allow attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
Affected Products: - wizpy - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal
<wizpy>
Source Packages Size: MD5
file-4.14-3.src.rpm 560267 ad3a7203d316af2a68354f0d8842daf2
Binary Packages Size: MD5
file-4.14-3.i386.rpm 220917 9621813b7e5ed62383a34f4a5eb19fe1
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
file-4.07-2.src.rpm 371814 20a35f719944b847fe5017b32a1a4e6c
Binary Packages Size: MD5
file-4.07-2.i586.rpm 184754 b11f0c34aa6460062c4edae923cc46f5 file-devel-4.07-2.i586.rpm 35904 f9a0c73c8c11446dae4d8c35e96ab577
<Turbolinux FUJI>
Source Packages Size: MD5
file-4.14-3.src.rpm 560267 e091b8a4b4b9b2348c5defb386dea2ab
Binary Packages Size: MD5
file-4.14-3.i686.rpm 268183 b84e4014653f989aa08ac1cf52b53a7f file-devel-4.14-3.i686.rpm 39297 38eb8c3fe1760eb7f62884ddf5742d3b
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
file-4.07-2.src.rpm 371814 cea14e28fbb736280c7ade0963f58232
Binary Packages Size: MD5
file-4.07-2.x86_64.rpm 186934 47312cb7d007935f67da74311eb2931e file-debug-4.07-2.x86_64.rpm 103715 4bd9e1b287ab46fd802f0468562c3ade file-devel-4.07-2.x86_64.rpm 37829 81eea6d1e50f0b75e22b6ee26b5eb8b6
<Turbolinux 10 Server>
Source Packages Size: MD5
file-4.07-2.src.rpm 371814 20a35f719944b847fe5017b32a1a4e6c
Binary Packages Size: MD5
file-4.07-2.i586.rpm 184754 b11f0c34aa6460062c4edae923cc46f5 file-debug-4.07-2.i586.rpm 105072 3befdc63307ced85cc65a4ae4d14b4ab file-devel-4.07-2.i586.rpm 35904 f9a0c73c8c11446dae4d8c35e96ab577
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
file-4.03-5.src.rpm 356401 6b4c1f80f2ba99c1c81033b6859ae28b
Binary Packages Size: MD5
file-4.03-5.i586.rpm 173869 8efa29ec35d119b6db28c6c3f2c57de4
References:
CVE [CVE-2007-1536] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
-------------------------------------------------------------------------- Revision History 03 Apr 2007 Initial release --------------------------------------------------------------------------
Copyright(C) 2006 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGEhE6K0LzjOqIJMwRApDiAJsH5GEvkr8e7WO2Nm0M6BJleak/5QCdFlxB oGVPeIeZykmsQ2vTau2dxUI= =+U2k -----END PGP SIGNATURE-----
|
|
|
|