Test ID:	1.3.6.1.4.1.25623.1.0.59553
Category:	Fedora Local Security Checks
Title:	Fedora Core 5 FEDORA-2007-541 (file)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to file announced via advisory FEDORA-2007-541. The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. You should install the file package, since the file command is such a useful utility. Update Information: This update should provide latest upstream version (4.21) and should contain fix for CVE-2007-2799. * Mon May 28 2007 Martin Bacovsky - 4.21-1 - upgrade to new upstream 4.21 - resolves: #241034: CVE-2007-2799 file integer overflow Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-541 Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2799 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 24146 http://www.securityfocus.com/bid/24146 Bugtraq: 20070524 FLEA-2007-0022-1: file (Google Search) http://www.securityfocus.com/archive/1/469520/30/6420/threaded Debian Security Information: DSA-1343 (Google Search) http://www.debian.org/security/2007/dsa-1343 http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:114 NETBSD Security Advisory: NetBSD-SA2008-001 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc http://osvdb.org/38498 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012 http://www.redhat.com/support/errata/RHSA-2007-0391.html http://www.securitytracker.com/id?1018140 http://secunia.com/advisories/25394 http://secunia.com/advisories/25544 http://secunia.com/advisories/25578 http://secunia.com/advisories/25931 http://secunia.com/advisories/26203 http://secunia.com/advisories/26294 http://secunia.com/advisories/26415 http://secunia.com/advisories/29179 http://secunia.com/advisories/29420 SuSE Security Announcement: SUSE-SA:2007:040 (Google Search) http://www.novell.com/linux/security/advisories/2007_40_file.html http://www.trustix.org/errata/2007/0024/ http://www.ubuntu.com/usn/usn-439-2 http://www.vupen.com/english/advisories/2007/2071 http://www.vupen.com/english/advisories/2008/0924/references XForce ISS Database: file-assert-code-execution(34731) https://exchange.xforce.ibmcloud.com/vulnerabilities/34731
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.