Lucene search

K
gentooGentoo FoundationGLSA-200705-25
HistoryMay 31, 2007 - 12:00 a.m.

file: Integer overflow

2007-05-3100:00:00
Gentoo Foundation
security.gentoo.org
19

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

EPSS

0.023

Percentile

89.7%

Background

file is a utility that guesses a file format by scanning binary data for patterns.

Description

Colin Percival from FreeBSD reported that the previous fix for the file_printf() buffer overflow introduced a new integer overflow.

Impact

A remote attacker could entice a user to run the file program on an overly large file (more than 1Gb) that would trigger an integer overflow on 32-bit systems, possibly leading to the execution of arbitrary code with the rights of the user running file.

Workaround

There is no known workaround at this time.

Resolution

Since file is a system package, all Gentoo users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-apps/file-4.21"
OSVersionArchitecturePackageVersionFilename
Gentooanyx86sys-apps/file<Β 4.21UNKNOWN
Gentooanyppcsys-apps/file<Β 4.21UNKNOWN
Gentooanyhppasys-apps/file<Β 4.21UNKNOWN

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

EPSS

0.023

Percentile

89.7%