29 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-8905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...
RHEL 8 : file (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file: out-of-bounds read in docorenote in readelf.c CVE-2019-8906 - docorenote in readelf.c in libmagic.a...
Mageia: Security Advisory (MGASA-2019-0118)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0571-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for file (EulerOS-SA-2020-1845)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3911-2: file regression | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description USN-3911-1 fixed vulnerabilities in file. One of the backported security fixes introduced a regression that caused the interpreter string to be truncated. This update fixes the...
Photon OS 1.0: File PHSA-2020-1.0-0289
An update of the file package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0289. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136031;...
Photon OS 2.0: File PHSA-2020-2.0-0228
An update of the file package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0228. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135863;...
Photon OS 3.0: File PHSA-2020-3.0-0080
An update of the file package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0080. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135790;...
CVE-2019-8905
docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...
openSUSE: Security Advisory for file (openSUSE-SU-2019:1197-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Updated file packages fix security vulnerabilities
The updated file packages fix security vulnerabilities: docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360. CVE-2019-8905 docorenote in readelf.c in libmagic.a in file 5.35 allows remote...
Amazon Linux AMI : file (ALAS-2019-1186)
dobidnote in readelf.c in libmagic.a has a stack-based buffer over-read, related to fileprintf and filevprintf. CVE-2019-8904 docorenote in readelf.c in libmagic.a has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360 . CVE-2019-8905 docorenot...
USN-3911-1: file vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. CVEs...
openSUSE Security Update : file (openSUSE-2019-345)
This update for file fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-10360: Fixed an out-of-bounds read in the function docorenote in readelf.c, which allowed remote attackers to cause a denial of service application crash via a crafted ELF file...
openSUSE: Security Advisory for file (openSUSE-SU-2019:0345-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 28 : file (2019-c90f32a130)
CVE-2019-8907 - remote denial of service in docorenote in readelf.c - CVE-2019-8905 - stack-based buffer over-read in docorenote in readelf.c - CVE-2019-8906 - out-of-bounds read in docorenote in readelf.c Note that Tenable Network Security has extracted the preceding description block directly...
SUSE SLED15 / SLES15 Security Update : file (SUSE-SU-2019:0571-1)
This update for file fixes the following issues : The following security vulnerabilities were addressed : CVE-2018-10360: Fixed an out-of-bounds read in the function docorenote in readelf.c, which allowed remote attackers to cause a denial of service application crash via a crafted ELF file...
Fedora 29 : file (2019-15f5147b27)
CVE-2019-8907 - remote denial of service in docorenote in readelf.c - CVE-2019-8905 - stack-based buffer over-read in docorenote in readelf.c - CVE-2019-8904 - stack-based buffer over-read in dobidnote in readelf.c - CVE-2019-8906 - out-of-bounds read in docorenote in readelf.c Note that Tenable...
[SECURITY] [DLA 1698-1] file security update
Package : file Version : 1:5.22+15-2+deb8u5 CVE ID : CVE-2019-8905 CVE-2019-8907 Potential buffer over-reads in readelf.c have been found in file, a popular file type guesser. For Debian 8 "Jessie", these problems have been fixed in version 1:5.22+15-2+deb8u5. We recommend that you upgrade your...