First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 16943
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Samuel Greenfeld <n2uro@aol.com>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 16943 depends on: Show dependency tree
Bug 16943 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2003-03-06 00:41 0000 
See http://www.idefense.com/advisory/03.04.03.txt

Not the worst exploit in the world (one system user has to specifically convince
another to examine a specially crafted file with the file utility in order to
force code execution), but one that should be eventually fixed.

Soultion: Provide an ebuild for File 3.41 to counter.

Reproducible: Always
Steps to Reproduce:

------- Comment #1 From klavs klavsen 2003-03-06 04:36:52 0000 ------- 
It is NOT only a local exploit - it can be EXPLOITED REMOTELY if you use
content-filters such as amavis, amavis-ng amavisd or amavisd-new as far as I'm
aware of. Because they inspect every file you email to them.

So all you using those filters - and perhaps others? would do nicely to upgrade
your file tool.

IE. it should be marked as important.

------- Comment #2 From Daniel Ahlberg (RETIRED) 2003-03-08 17:11:48 0000 ------- 
glsa sent
First Last Prev Next    No search results available      Search page      Enter new bug