English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.122739
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2015-2155)
Summary:The remote host is missing an update for the 'file' package(s) announced via the ELSA-2015-2155 advisory.
Description:Summary:
The remote host is missing an update for the 'file' package(s) announced via the ELSA-2015-2155 advisory.

Vulnerability Insight:
[5.11-31]
- fix #1255396 - Make the build ID output consistent with other tools

[5.11-30]
- fix CVE-2014-8116 - bump the acceptable ELF program headers count to 2048

[5.11-29]
- fix #839229 - fix detection of version of XML files

[5.11-28]
- fix #839229 - fix detection of version of XML files

[5.11-27]
- fix CVE-2014-0207 - cdf_read_short_sector insufficient boundary check
- fix CVE-2014-0237 - cdf_unpack_summary_info() excessive looping DoS
- fix CVE-2014-0238 - CDF property info parsing nelements infinite loop
- fix CVE-2014-3478 - mconvert incorrect handling of truncated pascal string
- fix CVE-2014-3479 - fix extensive backtracking in regular expression
- fix CVE-2014-3480 - cdf_count_chain insufficient boundary check
- fix CVE-2014-3487 - cdf_read_property_info insufficient boundary check
- fix CVE-2014-3538 - unrestricted regular expression matching
- fix CVE-2014-3587 - fix cdf_read_property_info
- fix CVE-2014-3710 - out-of-bounds read in elf note headers
- fix CVE-2014-8116 - multiple denial of service issues (resource consumption)
- fix CVE-2014-8117 - denial of service issue (resource consumption)
- fix CVE-2014-9652 - out of bounds read in mconvert()
- fix CVE-2014-9653 - malformed elf file causes access to uninitialized memory

[5.11-26]
- fix #1080452 - remove .orig files from magic directory

[5.11-25]
- fix #1224667, #1224668 - show additional info for Linux swap files

[5.11-24]
- fix #1064268 - fix stray return -1

[5.11-23]
- fix #1094648 - improve Minix detection pattern to fix false positives
- fix #1161912 - trim white-spaces during ISO9660 detection
- fix #1157850 - fix detection of ppc64le ELF binaries
- fix #1161911 - display 'from' field on 32bit ppc core
- fix #1064167 - revert MAXMIME patch
- fix #1064268 - detect Dwarf debuginfo as 'not stripped'
- fix #1082689 - fix invalid read when matched pattern is the last one tried
- fix #1080362 - remove deadcode and OFFSET_OOB redefinition

[5.11-22]
- fix #1067688 - add support for aarch64 ELF binaries

Affected Software/OS:
'file' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0207
59794
http://secunia.com/advisories/59794
59831
http://secunia.com/advisories/59831
68243
http://www.securityfocus.com/bid/68243
APPLE-SA-2015-04-08-2
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
DSA-2974
http://www.debian.org/security/2014/dsa-2974
DSA-3021
http://www.debian.org/security/2014/dsa-3021
HPSBUX03102
http://marc.info/?l=bugtraq&m=141017844705317&w=2
RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html
RHSA-2014:1766
http://rhn.redhat.com/errata/RHSA-2014-1766.html
SSRT101681
[file] 20140612 file-5.19 is now available
http://mx.gw.com/pipermail/file/2014/001553.html
http://support.apple.com/kb/HT6443
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.php.net/ChangeLog-5.php
https://bugs.php.net/bug.php?id=67326
https://bugzilla.redhat.com/show_bug.cgi?id=1091842
https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391
https://support.apple.com/HT204659
openSUSE-SU-2014:1236
http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0237
BugTraq ID: 67759
http://www.securityfocus.com/bid/67759
Debian Security Information: DSA-3021 (Google Search)
RedHat Security Advisories: RHSA-2014:1765
RedHat Security Advisories: RHSA-2014:1766
http://secunia.com/advisories/59061
http://secunia.com/advisories/59329
http://secunia.com/advisories/59418
http://secunia.com/advisories/60998
SuSE Security Announcement: SUSE-SU-2014:0869 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0238
BugTraq ID: 67765
http://www.securityfocus.com/bid/67765
Common Vulnerability Exposure (CVE) ID: CVE-2014-3478
68239
http://www.securityfocus.com/bid/68239
RHSA-2014:1327
http://rhn.redhat.com/errata/RHSA-2014-1327.html
https://bugs.php.net/bug.php?id=67410
https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08
Common Vulnerability Exposure (CVE) ID: CVE-2014-3479
68241
http://www.securityfocus.com/bid/68241
https://bugs.php.net/bug.php?id=67411
https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67
Common Vulnerability Exposure (CVE) ID: CVE-2014-3480
68238
http://www.securityfocus.com/bid/68238
https://bugs.php.net/bug.php?id=67412
https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
Common Vulnerability Exposure (CVE) ID: CVE-2014-3487
68120
http://www.securityfocus.com/bid/68120
https://bugs.php.net/bug.php?id=67413
https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d
Common Vulnerability Exposure (CVE) ID: CVE-2014-3538
BugTraq ID: 68348
http://www.securityfocus.com/bid/68348
Debian Security Information: DSA-3008 (Google Search)
http://www.debian.org/security/2014/dsa-3008
http://openwall.com/lists/oss-security/2014/06/30/7
RedHat Security Advisories: RHSA-2014:1327
RedHat Security Advisories: RHSA-2016:0760
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://secunia.com/advisories/60696
Common Vulnerability Exposure (CVE) ID: CVE-2014-3587
BugTraq ID: 69325
http://www.securityfocus.com/bid/69325
RedHat Security Advisories: RHSA-2014:1326
http://rhn.redhat.com/errata/RHSA-2014-1326.html
http://secunia.com/advisories/60609
http://www.ubuntu.com/usn/USN-2344-1
http://www.ubuntu.com/usn/USN-2369-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-3710
BugTraq ID: 70807
http://www.securityfocus.com/bid/70807
Debian Security Information: DSA-3072 (Google Search)
http://www.debian.org/security/2014/dsa-3072
FreeBSD Security Advisory: FreeBSD-SA-14:28
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
https://security.gentoo.org/glsa/201503-03
https://security.gentoo.org/glsa/201701-42
RedHat Security Advisories: RHSA-2014:1767
http://rhn.redhat.com/errata/RHSA-2014-1767.html
RedHat Security Advisories: RHSA-2014:1768
http://rhn.redhat.com/errata/RHSA-2014-1768.html
http://www.securitytracker.com/id/1031344
http://secunia.com/advisories/60630
http://secunia.com/advisories/60699
http://secunia.com/advisories/61763
http://secunia.com/advisories/61970
http://secunia.com/advisories/61982
http://secunia.com/advisories/62347
http://secunia.com/advisories/62559
SuSE Security Announcement: openSUSE-SU-2014:1516 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html
http://www.ubuntu.com/usn/USN-2391-1
http://www.ubuntu.com/usn/USN-2494-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-8116
BugTraq ID: 71700
http://www.securityfocus.com/bid/71700
http://seclists.org/oss-sec/2014/q4/1056
http://secunia.com/advisories/61944
http://secunia.com/advisories/62081
Common Vulnerability Exposure (CVE) ID: CVE-2014-8117
BugTraq ID: 71692
http://www.securityfocus.com/bid/71692
http://www.ubuntu.com/usn/USN-2535-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9652
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
BugTraq ID: 72505
http://www.securityfocus.com/bid/72505
HPdes Security Advisory: HPSBMU03380
http://marc.info/?l=bugtraq&m=143748090628601&w=2
HPdes Security Advisory: HPSBMU03409
http://marc.info/?l=bugtraq&m=144050155601375&w=2
http://openwall.com/lists/oss-security/2015/02/05/12
RedHat Security Advisories: RHSA-2015:1053
http://rhn.redhat.com/errata/RHSA-2015-1053.html
RedHat Security Advisories: RHSA-2015:1066
http://rhn.redhat.com/errata/RHSA-2015-1066.html
RedHat Security Advisories: RHSA-2015:1135
http://rhn.redhat.com/errata/RHSA-2015-1135.html
SuSE Security Announcement: SUSE-SU-2015:0424 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html
SuSE Security Announcement: SUSE-SU-2015:0436 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html
SuSE Security Announcement: openSUSE-SU-2015:0440 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9653
BugTraq ID: 72516
http://www.securityfocus.com/bid/72516
Debian Security Information: DSA-3196 (Google Search)
http://www.debian.org/security/2015/dsa-3196
http://mx.gw.com/pipermail/file/2014/001649.html
http://openwall.com/lists/oss-security/2015/02/05/13
https://usn.ubuntu.com/3686-1/
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.