Alerts This Week
Warning Icon 1 483
Alerts This Week
Warning Icon 1 483

Gentoo: 200310-5 Urgent: Image Processing Memory Leak Buffer Overflow

gentoo
Calendar Grey March 8, 2003
Dist Gentoo Esm H88
- --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUN
The file(1) command contains a buffer overflow vulnerability that canbe leveraged by an attacker to execute arbitrary code under theprivileges of another user.

Summary


- ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200303-8
- ---------------------------------------------------------------------

- ---------------------------------------------------------------------
>From advisory: "The file(1) command contains a buffer overflow vulnerability that can be leveraged by an attacker to execute arbitrary code under the privileges of another user."
Read the full advisory at: /us-en
SOLUTION
It is recommended that all Gentoo Linux users who are running sys-apps/file upgrade to file-3.41 as follows:
emerge sync emerge file emerge clean
- --------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at - ---------------------------------------------------------------------
3.41

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
important
Lowest
Low
Medium
High
Critical

PACKAGE : file
SUMMARY : buffer overflow
DATE : 2003-03-08 22:11 UTC
EXPLOIT : local
VERSIONS AFFECTED : <3.41 :="" fixed version>3.41
CVE : CAN-2003-0102

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here