English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-22
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 03 Apr 2007
 Last revised: 03 Apr 2007

 Package: file

 Summary: Integer underflow

 More information:
    File tests each argument in an attempt to classify it.  There are
    three sets of tests, performed in this order: filesystem tests, magic
    number tests, and language tests.  The first test that succeeds causes
    the file type to be printed.

    The integer underflow exists in file command.

 Impact:
    This vulnerability may allow attackers to execute arbitrary code via
    a file that triggers a heap-based buffer overflow.

 Affected Products:
    - wizpy
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal


 <wizpy>

   Source Packages
   Size: MD5

   file-4.14-3.src.rpm
       560267 ad3a7203d316af2a68354f0d8842daf2

   Binary Packages
   Size: MD5

   file-4.14-3.i386.rpm
       220917 9621813b7e5ed62383a34f4a5eb19fe1

 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   file-4.07-2.src.rpm
       371814 20a35f719944b847fe5017b32a1a4e6c

   Binary Packages
   Size: MD5

   file-4.07-2.i586.rpm
       184754 b11f0c34aa6460062c4edae923cc46f5
   file-devel-4.07-2.i586.rpm
        35904 f9a0c73c8c11446dae4d8c35e96ab577

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   file-4.14-3.src.rpm
       560267 e091b8a4b4b9b2348c5defb386dea2ab

   Binary Packages
   Size: MD5

   file-4.14-3.i686.rpm
       268183 b84e4014653f989aa08ac1cf52b53a7f
   file-devel-4.14-3.i686.rpm
        39297 38eb8c3fe1760eb7f62884ddf5742d3b

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/file-4.07-2.src.rpm
       371814 cea14e28fbb736280c7ade0963f58232

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/file-4.07-2.x86_64.rpm
       186934 47312cb7d007935f67da74311eb2931e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/file-debug-4.07-2.x86_64.rpm
       103715 4bd9e1b287ab46fd802f0468562c3ade
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/file-devel-4.07-2.x86_64.rpm
        37829 81eea6d1e50f0b75e22b6ee26b5eb8b6

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/file-4.07-2.src.rpm
       371814 20a35f719944b847fe5017b32a1a4e6c

   Binary Packages
   Size: MD5

   file-4.07-2.i586.rpm
       184754 b11f0c34aa6460062c4edae923cc46f5
   file-debug-4.07-2.i586.rpm
       105072 3befdc63307ced85cc65a4ae4d14b4ab
   file-devel-4.07-2.i586.rpm
        35904 f9a0c73c8c11446dae4d8c35e96ab577

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/file-4.03-5.src.rpm
       356401 6b4c1f80f2ba99c1c81033b6859ae28b

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/file-4.03-5.i586.rpm
       173869 8efa29ec35d119b6db28c6c3f2c57de4


 References:

 CVE
   [CVE-2007-1536]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536

 --------------------------------------------------------------------------
 Revision History
    03 Apr 2007 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2006 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGEhE6K0LzjOqIJMwRApDiAJsH5GEvkr8e7WO2Nm0M6BJleak/5QCdFlxB
oGVPeIeZykmsQ2vTau2dxUI=
=+U2k
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.