remote system compromise in file

2003-03-2112:40:17

lists.opensuse.org

EPSS

0.003

Percentile

68.8%

JSON

The file command can be used to determine the type of files. iDEFENSE published a security report about a buffer overflow in the handling-routines for the ELF file-format. In conjunction with other mechanisms like print-filters, cron-jobs, eMail-scanners (like AMaViS) and alike this vulnerability can be used to gain higher privileges or to compromise the system remotely.

OSVersionArchitecturePackageVersionFilename
openSUSE8.0i386file< 3.37-206file-3.37-206.i386.rpm
openSUSE7.3ppcfile< 3.33-69file-3.33-69.ppc.rpm
openSUSE7.1i386file< 3.32-118file-3.32-118.i386.rpm
openSUSE7.1ppcfile< 3.32-36file-3.32-36.ppc.rpm
openSUSE8.1i586file< 3.37-206file-3.37-206.i586.rpm
openSUSE7.1alphafile< 3.32-69file-3.32-69.alpha.rpm
openSUSE7.3sparcfile< 3.33-39file-3.33-39.sparc.rpm
openSUSE7.3i386file< 3.33-85file-3.33-85.i386.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	8.0	i386	file	< 3.37-206	file-3.37-206.i386.rpm
openSUSE	7.3	ppc	file	< 3.33-69	file-3.33-69.ppc.rpm
openSUSE	7.1	i386	file	< 3.32-118	file-3.32-118.i386.rpm
openSUSE	7.1	ppc	file	< 3.32-36	file-3.32-36.ppc.rpm
openSUSE	8.1	i586	file	< 3.37-206	file-3.37-206.i586.rpm
openSUSE	7.1	alpha	file	< 3.32-69	file-3.32-69.alpha.rpm
openSUSE	7.3	sparc	file	< 3.33-39	file-3.33-39.sparc.rpm
openSUSE	7.3	i386	file	< 3.33-85	file-3.33-85.i386.rpm

EPSS

0.003

Percentile

68.8%

JSON

Related for SUSE-SA:2003:017