Flaw Fixed in Unix-like Systems

 
 
By Brian Prince  |  Posted 2007-04-02 Email Print this article Print
 
 
 
 
 
 
 

A file integer underflow vulnerability could be exploited to trigger buffer overflow in unpatched Unix-like systems.

A buffer overflow vulnerability caused by an integer underflow in the file_printf function in Unix-like operating systems has been patched. The flaw is contained within the file program and could allow an attacker to execute arbitrary code or create a denial of service condition, according to a posting on the United States Computer Emergency Readiness Teams Web site.
File is a program used to determine what type of data is contained in a file. To trigger the overflow, a hacker would need to get a user to run a vulnerable version of file on a specially crafted file, the advisory states.
"Version 4.20 of file was released to address this issue," according to the US-CERT advisory. If exploited, an attacker could execute malicious code with the permissions of the user running the vulnerable version of file or cause the program to crash, creating a denial-of-service condition.
Patches by Red Hat and Ubuntu were released more than a week ago for users of Red Hat Enterprise Linux 4 and 5 as well as Ubuntu 5.10, Ubuntu 6.06 LTS, Ubuntu 6.10 and corresponding versions of Kubuntu, Edubuntu, and Xubuntu. OpenWall GNU/*Linux and Mandriva have also released updates to address the issue. In addition, running the file program with a limited user account may partially address the impact of a successful exploit of the flaw. Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel