Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.59663
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2007-22 (file)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to file
announced via advisory TLSA-2007-22.

File tests each argument in an attempt to classify it. There are
three sets of tests, performed in this order: filesystem tests, magic
number tests, and language tests. The first test that succeeds causes
the file type to be printed.

The integer underflow exists in file command.

This vulnerability may allow attackers to execute arbitrary code via
a file that triggers a heap-based buffer overflow.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2007-22

Risk factor : Critical

CVSS Score:
9.3

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-1536
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
BugTraq ID: 23021
http://www.securityfocus.com/bid/23021
Bugtraq: 20070825 OpenBSD 4.1 - Heap overflow vulnerabillity (Google Search)
http://www.securityfocus.com/archive/1/477861/100/0/threaded
Bugtraq: 20070828 Re: OpenBSD 4.1 - Heap overflow vulnerabillity (Google Search)
http://www.securityfocus.com/archive/1/477950/100/0/threaded
CERT/CC vulnerability note: VU#606700
http://www.kb.cert.org/vuls/id/606700
Debian Security Information: DSA-1274 (Google Search)
http://www.debian.org/security/2007/dsa-1274
FreeBSD Security Advisory: FreeBSD-SA-07:04
http://security.freebsd.org/advisories/FreeBSD-SA-07:04.file.asc
http://security.gentoo.org/glsa/glsa-200703-26.xml
http://security.gentoo.org/glsa/glsa-200710-19.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:067
http://mx.gw.com/pipermail/file/2007/000161.html
NETBSD Security Advisory: NetBSD-SA2008-001
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
OpenBSD Security Advisory: [4.0] 20070709 015: SECURITY FIX: July 9, 2007
http://openbsd.org/errata40.html#015_file
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10658
http://www.redhat.com/support/errata/RHSA-2007-0124.html
http://www.securitytracker.com/id?1017796
http://secunia.com/advisories/24548
http://secunia.com/advisories/24592
http://secunia.com/advisories/24604
http://secunia.com/advisories/24608
http://secunia.com/advisories/24616
http://secunia.com/advisories/24617
http://secunia.com/advisories/24723
http://secunia.com/advisories/24754
http://secunia.com/advisories/25133
http://secunia.com/advisories/25393
http://secunia.com/advisories/25402
http://secunia.com/advisories/25931
http://secunia.com/advisories/25989
http://secunia.com/advisories/27307
http://secunia.com/advisories/27314
http://secunia.com/advisories/29179
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.512926
SuSE Security Announcement: SUSE-SA:2007:040 (Google Search)
http://www.novell.com/linux/security/advisories/2007_40_file.html
SuSE Security Announcement: SUSE-SR:2007:005 (Google Search)
http://www.novell.com/linux/security/advisories/2007_5_sr.html
http://www.ubuntu.com/usn/usn-439-1
http://www.vupen.com/english/advisories/2007/1040
http://www.vupen.com/english/advisories/2007/1939
XForce ISS Database: openbsd-file-bo(36283)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36283
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.