Date:      Thu, 19 Apr 2007 16:04:44 +0200 (CEST)
From:      Oliver Fromme <olli@lurza.secnetix.de>
To:        freebsd-security@FreeBSD.ORG, simon@FreeBSD.ORG, thomas@bsdunix.ch
Subject:   Re: Integer underflow in the "file" program before 4.20
Message-ID:  <200704191404.l3JE4i6U064266@lurza.secnetix.de>
In-Reply-To: <20070331054103.GA982@zaphod.nitro.dk>

Simon L. Nielsen wrote:
 > Thomas Vogt wrote:
 > 
 > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
 > > "Integer underflow in the file_printf function in the "file" program
 > > before 4.20 allows user-assisted attackers to execute arbitrary code via
 > > a file that triggers a heap-based buffer overflow."
 > > 
 > > Is FreeBSD 5.x/6.x affected too? It looks like the system has file 4.12. The
 > > port has 4.20.
 > 
 > Hey,
 > 
 > While I haven't confirmed FreeBSD is vulnerable, I assume that is the
 > case.  In any case, we (The FreeBSD Security Team) are working on this
 > issue.

Any news on this?  It's been more than a month ...

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Registry court München, HRA 74606,  Management:
secnetix Verwaltungsgesellsch. mbH, commercial register: Registry court München,
HRB 125758,  Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more:  http://www.secnetix.de/bsd

"With sufficient thrust, pigs fly just fine.  However, this
is not necessarily a good idea.  It is hard to be sure where
they are going to land, and it could be dangerous sitting
under them as they fly overhead." -- RFC 1925
