Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2084
HistoryAug 08, 2007 - 12:00 a.m.

File多个拒绝服务漏洞

2007-08-0800:00:00
Root
www.seebug.org
27

0.042 Low

EPSS

Percentile

91.3%

JSON

CVE ID:CVE-2007-2026
CVE-2007-2799
CNCVE ID:CNCVE-20072026
CNCVE-20072799

File是一款*nix下的文件格式识别工具。
File处理恶意文件错误,本地攻击者可以利用漏洞对应用程序进行拒绝服务攻击。
CVE-2007-2026是对特定的规则表达式处理存在问题,可导致应用程序崩溃。
CVE-2007-2799是存在整数下溢问题,可导致任意代码执行。
目前没有详细漏洞细节提供。

Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
S.u.S.E. SUSE Linux Enterprise Server 10 SP1
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. SLE SDK 10
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
OpenBSD OpenBSD 4.0
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Avaya SES 3.1.1
Avaya Messaging Storage Server MSS 3.0
Avaya Message Networking
Avaya Communication Manager 4.0
Avaya Communication Manager 3.1

  • Avaya Communication Manager Server DEFINITY Server SI/CS
  • Avaya Communication Manager Server S8100
  • Avaya Communication Manager Server S8300
  • Avaya Communication Manager Server S8500
  • Avaya Communication Manager Server S8700
    Avaya CCS 3.1.1
    Avaya AES 4.0.1

厂商解决方案
OpenBSD可参考如下补丁程序:
OpenBSD OpenBSD 4.0

* OpenBSD 015_file.patch
  <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/015_file.patch" target="_blank">ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/015_file.patch</a>

Related

debian 3
openvas 25
nessus 17
ubuntucve 2
cve 2
debiancve 2
gentoo 4
prion 2
securityvulns 2
fedora 3
ubuntu 1
osv 2
oraclelinux 1
centos 1
veracode 1
suse 1
redhat 1
debian
debian
[SECURITY] [DSA 1343-2] New file packages fix arbitrary code execution
2007-09-26 21:15:39
[SECURITY] [DSA 1343-2] New file packages fix arbitrary code execution
2007-09-26 21:15:39
[SECURITY] [DSA 1343-1] New file packages fix arbitrary code execution
2007-07-31 21:36:42
openvas
openvas
Debian Security Advisory DSA 1343-2 (file)
2008-01-17 00:00:00
Mandriva Update for file MDKSA-2007:114 (file)
2009-04-09 00:00:00
Mandriva Update for file MDKSA-2007:114 (file)
2009-04-09 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : file (MDKSA-2007:114)
2007-06-07 00:00:00
GLSA-200704-13 : File: Denial of Service
2007-04-19 00:00:00
Fedora Core 5 : file-4.21-1.fc5 (2007-541)
2007-06-12 00:00:00
ubuntucve
ubuntucve
CVE-2007-2026
2007-04-13 00:00:00
CVE-2007-2799
2007-05-23 00:00:00
cve
cve
CVE-2007-2026
2007-04-13 18:19:00
CVE-2007-2799
2007-05-23 21:30:00
debiancve
debiancve
CVE-2007-2026
2007-04-13 18:19:00
CVE-2007-2799
2007-05-23 21:30:00
gentoo
gentoo
File: Denial of service
2007-04-17 00:00:00
file: Integer overflow
2007-05-31 00:00:00
The Sleuth Kit: Integer underflow
2007-10-18 00:00:00
prion
prion
Code injection
2007-04-13 18:19:00
Integer overflow
2007-05-23 21:30:00
securityvulns
securityvulns
&#39;file&#39; utility regular expressions DoS
2007-04-16 00:00:00
file utilities integer overflow
2007-03-24 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: file-4.21-1.fc5
2007-06-11 20:01:12
[SECURITY] Fedora Core 6 Update: file-4.21-1.fc6
2007-06-11 20:01:40
[SECURITY] Fedora 7 Update: file-4.21-1.fc7
2007-07-03 16:23:52
ubuntu
ubuntu
file vulnerability
2007-06-11 00:00:00
osv
osv
file
2007-07-31 00:00:00
file
2007-07-31 00:00:00
oraclelinux
oraclelinux
Moderate: file security update
2007-05-30 00:00:00
centos
centos
file security update
2007-05-30 18:29:19
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:18:35
suse
suse
potential code execution in file
2007-07-04 13:45:34
redhat
redhat
(RHSA-2007:0391) Moderate: file security update
2007-05-30 00:00:00

0.042 Low

EPSS

Percentile

91.3%

JSON
Related for SSV:2084
debian3openvas25nessus17ubuntucve2cve2debiancve2gentoo4prion2securityvulns2fedora3ubuntu1osv2oraclelinux1centos1veracode1suse1redhat1