Vulnerability Note VU#606700

file integer overflow vulnerability

Original Release date: 26 Mar 2007 | Last revised: 16 Oct 2007

Overview

The file program contains a vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition.

Description

file is a program for Unix-like operating systems that is used to determine what type of data is contained in a file.

file contains a buffer overflow vulnerability that is caused by an integer overflow in the file_printf function. To trigger the overflow, an attacker would need to convince a user to run a vulnerable version of file on a specially crafted file.

Impact

An attacker may be able to execute arbitrary code with the permissions of the user running the vulnerable version of file or cause the program to crash, creating a denial-of-service condition

Solution

Upgrade
Version 4.20 of file was released to address this issue. Note that operating systems may ship with different versions of the file program. See the systems affected portion of this document for information about specific vendors.


Do not run file as root

Running the file program with a limited user account may partially mitigate the impact of successful exploitation of vulnerability.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Debian GNU/LinuxAffected-06 Apr 2007
Gentoo LinuxAffected20 Mar 200706 Apr 2007
Mandriva, Inc.Affected20 Mar 200726 Mar 2007
Openwall GNU/*/LinuxAffected20 Mar 200726 Mar 2007
Red Hat, Inc.Affected20 Mar 200723 Mar 2007
Slackware Linux Inc.Affected20 Mar 200706 Apr 2007
SUSE LinuxAffected20 Mar 200706 Apr 2007
Trustix Secure LinuxAffected20 Mar 200706 Apr 2007
UbuntuAffected20 Mar 200723 Mar 2007
Microsoft CorporationNot Affected20 Mar 200723 Mar 2007
Apache HTTP Server ProjectUnknown26 Mar 200726 Mar 2007
Apple Computer, Inc.Unknown20 Mar 200720 Mar 2007
Conectiva Inc.Unknown20 Mar 200720 Mar 2007
Cray Inc.Unknown20 Mar 200720 Mar 2007
EMC, Inc. (formerly Data General Corporation)Unknown20 Mar 200720 Mar 2007
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Jean-Sébastien Guay-Leroux and Christos Zoulas for information that was used in this report.

This document was written by Ryan Giobbi.

Other Information

  • CVE IDs: CVE-2007-1536
  • Date Public: 19 Mar 2007
  • Date First Published: 26 Mar 2007
  • Date Last Updated: 16 Oct 2007
  • Severity Metric: 1.62
  • Document Revision: 44

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.