Integer underflow in the "file" program before 4.20 - Simon L. Nielsen - org.freebsd.freebsd-security

4 messages in org.freebsd.freebsd-securityInteger underflow in the "file" progr...

From	Sent On	Attachments
Thomas Vogt	Mar 29, 2007 4:16 pm
Simon L. Nielsen	Mar 31, 2007 5:40 am
Gabor Kovesdan	Mar 31, 2007 11:28 am
Oliver Fromme	Apr 19, 2007 2:37 pm

Subject:	Integer underflow in the "file" program before 4.20
From:	Simon L. Nielsen (sim...@FreeBSD.org)
Date:	Mar 31, 2007 5:40:47 am
List:	org.freebsd.freebsd-security

On 2007.03.29 16:22:58 +0200, Thomas Vogt wrote:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 "Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow."

Is FreeBSD 5.x/6.x affected too? It looks the System has file 4.12. The port has 4.20.

Hey,

While I haven't confirmed FreeBSD is vulnerable, I assume that is the case. In any case, we (The FreeBSD Security Team) are working on this isuse.

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets