Vulnerabilities > CVE-2007-1536 - Numeric Errors vulnerability in File
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
Common Weakness Enumeration (CWE)
Exploit-Db
description | File(1) 4.13 Command File_PrintF Integer Underflow Vulnerability. CVE-2007-1536. Remote exploit for linux platform |
id | EDB-ID:29753 |
last seen | 2016-02-03 |
modified | 2007-03-19 |
published | 2007-03-19 |
reporter | Jean-Sebastien Guay-Leroux |
source | https://www.exploit-db.com/download/29753/ |
title | File1 <= 4.13 Command File_PrintF Integer Underflow Vulnerability |
Nessus
NASL family Scientific Linux Local Security Checks NASL id SL_20070530_FILE_ON_SL5_X.NASL description The fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799) last seen 2020-06-01 modified 2020-06-02 plugin id 60191 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60191 title Scientific Linux Security Update : file on SL5.x, SL4.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60191); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:17"); script_cve_id("CVE-2007-1536", "CVE-2007-2799"); script_name(english:"Scientific Linux Security Update : file on SL5.x, SL4.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Scientific Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "The fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0706&L=scientific-linux-errata&T=0&P=330 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?6474ec97" ); script_set_attribute(attribute:"solution", value:"Update the affected file package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/05/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"file-4.10-3.0.2.el4")) flag++; if (rpm_check(release:"SL5", reference:"file-4.17-9.0.1.el5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_FILE-3034.NASL description An integer underflow within the ELF header parsing has been fixed which could lead to arbitrary code execution. CVE-2007-1536 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 29427 published 2007-12-13 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29427 title SuSE 10 Security Update : file (ZYPP Patch Number 3034) NASL family Fedora Local Security Checks NASL id FEDORA_2007-391.NASL description this issue should fix CVE-2007-1536 (heap overflow that can result in arbitrary code execution) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24924 published 2007-04-05 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24924 title Fedora Core 6 : file-4.19-2.fc6 (2007-391) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2007-0391.NASL description From Red Hat Security Advisory 2007:0391 : An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data contained by the file. The fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799) This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3. Users should upgrade to this erratum package, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 67507 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67507 title Oracle Linux 4 / 5 : file (ELSA-2007-0391) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2007-0391.NASL description An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data contained by the file. The fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799) This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3. Users should upgrade to this erratum package, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 25364 published 2007-06-01 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/25364 title RHEL 4 / 5 : file (RHSA-2007:0391) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-439-1.NASL description Jean-Sebastien Guay-Leroux discovered that last seen 2020-06-01 modified 2020-06-02 plugin id 28035 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/28035 title Ubuntu 5.10 / 6.06 LTS / 6.10 : file vulnerability (USN-439-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2007-0124.NASL description From Red Hat Security Advisory 2007:0124 : An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data contained by the file. An integer underflow flaw was found in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-1536) This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3. Users should upgrade to this erratum package, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 67463 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67463 title Oracle Linux 4 : file (ELSA-2007-0124) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1274.NASL description An integer underflow bug has been found in the file_printf function in file, a tool to determine file types based analysis of file content. The bug could allow an attacker to execute arbitrary code by inducing a local user to examine a specially crafted file that triggers a buffer overflow. last seen 2020-06-01 modified 2020-06-02 plugin id 25008 published 2007-04-10 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25008 title Debian DSA-1274-1 : file - buffer overflow NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2007-0391.NASL description An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data contained by the file. The fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799) This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3. Users should upgrade to this erratum package, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 25355 published 2007-06-01 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/25355 title CentOS 4 / 5 : file (CESA-2007:0391) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2007-114.NASL description The update to correct CVE-2007-1536 (MDKSA-2007:067), a buffer overflow in the file_printf() function, introduced a new integer overflow as reported by Colin Percival. This flaw, if an attacker could trick a user into running file on a specially crafted file, could possibly lead to the execution of arbitrary code with the privileges of the user running file (CVE-2007-2799). As well, in file 4.20, flawed regular expressions to identify OS/2 REXX files could lead to a denial of service via CPU consumption (CVE-2007-2026). The updated packages have been patched to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 25439 published 2007-06-07 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25439 title Mandrake Linux Security Advisory : file (MDKSA-2007:114) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2007-093-01.NASL description New file packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and -current to fix a security issue. NOTE: In Slackware 11.0 and earlier, the file utility was part of the required last seen 2020-06-01 modified 2020-06-02 plugin id 24916 published 2007-04-05 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24916 title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 8.1 / 9.0 / 9.1 / current : file [and bin package] (SSA:2007-093-01) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_8E01AB5B094911DC8163000E0C2E438A.NASL description When writing data into a buffer in the file_printf function, the length of the unused portion of the buffer is not correctly tracked, resulting in a buffer overflow when processing certain files. Impact : An attacker who can cause file(1) to be run on a maliciously constructed input can cause file(1) to crash. It may be possible for such an attacker to execute arbitrary code with the privileges of the user running file(1). The above also applies to any other applications using the libmagic(3) library. Workaround : No workaround is available, but systems where file(1) and other libmagic(3)-using applications are never run on untrusted input are not vulnerable. last seen 2020-06-01 modified 2020-06-02 plugin id 25359 published 2007-06-01 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/25359 title FreeBSD : FreeBSD -- heap overflow in file(1) (8e01ab5b-0949-11dc-8163-000e0c2e438a) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2007-067.NASL description Jean-Sebastien Guay-Leroux discovered an integer underflow in the file_printf() function in file prior to 4.20 that allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow. Updated packages have been patched to address this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 24893 published 2007-03-26 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/24893 title Mandrake Linux Security Advisory : file (MDKSA-2007:067) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200703-26.NASL description The remote host is affected by the vulnerability described in GLSA-200703-26 (file: Integer underflow) Jean-Sebastien Guay-Leroux reported an integer underflow in file_printf function. Impact : A remote attacker could entice a user to run the last seen 2020-06-01 modified 2020-06-02 plugin id 24931 published 2007-04-05 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24931 title GLSA-200703-26 : file: Integer underflow NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2007-0124.NASL description An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data contained by the file. An integer underflow flaw was found in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-1536) This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3. Users should upgrade to this erratum package, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 24878 published 2007-03-26 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/24878 title CentOS 4 : file (CESA-2007:0124) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2007-0124.NASL description An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data contained by the file. An integer underflow flaw was found in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-1536) This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3. Users should upgrade to this erratum package, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 24897 published 2007-03-26 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/24897 title RHEL 4 / 5 : file (RHSA-2007:0124) NASL family SuSE Local Security Checks NASL id SUSE_FILE-3033.NASL description An integer underflow within the ELF header parsing has been fixed which could lead to arbitrary code execution. CVE-2007-1536 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 27214 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27214 title openSUSE 10 Security Update : file (file-3033) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201412-11.NASL description The remote host is affected by the vulnerability described in GLSA-201412-11 (AMD64 x86 emulation base libraries: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 79964 published 2014-12-15 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79964 title GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200710-19.NASL description The remote host is affected by the vulnerability described in GLSA-200710-19 (The Sleuth Kit: Integer underflow) Jean-Sebastien Guay-Leroux reported an integer underflow in the file_printf() function of the last seen 2020-06-01 modified 2020-06-02 plugin id 27517 published 2007-10-19 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/27517 title GLSA-200710-19 : The Sleuth Kit: Integer underflow NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2007-005.NASL description The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2007-005 applied. This update fixes security flaws in the following applications : Alias Manager BIND CoreGraphics crontabs fetchmail file iChat mDNSResponder PPP ruby screen texinfo VPN last seen 2020-06-01 modified 2020-06-02 plugin id 25297 published 2007-05-25 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25297 title Mac OS X Multiple Vulnerabilities (Security Update 2007-005)
Oval
accepted | 2013-04-29T04:07:29.970-04:00 | ||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||
description | Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow. | ||||||||||||||||||||||||
family | unix | ||||||||||||||||||||||||
id | oval:org.mitre.oval:def:10658 | ||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||
submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||
title | Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow. | ||||||||||||||||||||||||
version | 27 |
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
Seebug
bulletinFamily | exploit |
description | Apple Mac OS X是一款基于BSD的商业性质的操作系统。 Apple Mac OS X存在多个安全问题,远程攻击者可以利用漏洞进行拒绝服务,执行任意代码,提升特权等攻击。 CVE-ID: CVE-2007-0740 Alias Manager在部分条件可以使用户打开恶意文件,导致特权提升。 CVE-ID: CVE-2007-0493, CVE-2007-0494, CVE-2006-4095, CVE-2006-4096: BIND服务程序存在多个安全问题,可导致拒绝服务攻击。 CVE-ID: CVE-2007-0750 CoreGraphics在打开特殊构建的PDF文件时可触发溢出,导致任意代码执行。 CVE-ID: CVE-2007-0751 当每日清楚脚本执行时,/tmp目录中的挂接的文件系统可被删除。 CVE-ID: CVE-2007-1558 fetchmail加密存在安全问题,可导致泄露密码信息。 CVE-ID: CVE-2007-1536 运行file命令打开特殊构建的文件可导致任意代码执行或拒绝服务攻击。 CVE-ID: CVE-2007-2390 iChat用于在家用NAT网关上建立端口映射的UPnP IGD代码存在缓冲区溢出,构建恶意报文可导致任意代码执行。 CVE-ID: CVE-2007-0752 PPP守护进程在通过命令行装载插件时可导致特权提升。 CVE-ID: CVE-2006-5467, CVE-2006-6303 Ruby CGI库存在多个拒绝服务攻击。 CVE-ID: CVE-2006-4573 GNU Screen存在多个拒绝服务问题。 CVE-ID: CVE-2005-3011 texinfo存在漏洞允许任意文件被覆盖。 CVE-ID: CVE-2007-0753 vpnd存在格式串问题,可用于提升特权。 Cosmicperl Directory Pro 10.0.3 Apple Mac OS X Server 10.4.9 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.3.9 Apple Mac OS X Server 10.3.8 Apple Mac OS X Server 10.3.7 Apple Mac OS X Server 10.3.6 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.2.7 Apple Mac OS X Server 10.2.6 Apple Mac OS X Server 10.2.5 Apple Mac OS X Server 10.2.4 Apple Mac OS X Server 10.2.3 Apple Mac OS X Server 10.2.2 Apple Mac OS X Server 10.2.1 Apple Mac OS X Server 10.2 Apple Mac OS X Server 10.1.5 Apple Mac OS X Server 10.1.4 Apple Mac OS X Server 10.1.3 Apple Mac OS X Server 10.1.2 Apple Mac OS X Server 10.1.1 Apple Mac OS X Server 10.1 Apple Mac OS X Server 10.0 Apple Mac OS X Preview.app 3.0.8 Apple Mac OS X 10.4.9 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.3.9 Apple Mac OS X 10.3.8 Apple Mac OS X 10.3.7 Apple Mac OS X 10.3.6 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.3.3 Apple Mac OS X 10.3.2 Apple Mac OS X 10.3.1 Apple Mac OS X 10.3 Apple Mac OS X 10.2.8 Apple Mac OS X 10.2.7 Apple Mac OS X 10.2.6 Apple Mac OS X 10.2.5 Apple Mac OS X 10.2.4 Apple Mac OS X 10.2.3 Apple Mac OS X 10.2.2 Apple Mac OS X 10.2.1 Apple Mac OS X 10.2 Apple Mac OS X 10.1.5 Apple Mac OS X 10.1.4 Apple Mac OS X 10.1.3 Apple Mac OS X 10.1.2 Apple Mac OS X 10.1.1 Apple Mac OS X 10.1 Apple Mac OS X 10.1 Apple Mac OS X 10.0.4 Apple Mac OS X 10.0.3 Apple Mac OS X 10.0.2 Apple Mac OS X 10.0.1 Apple Mac OS X 10.0 3 Apple Mac OS X 10.0 升级程序: Apple Mac OS X Server 10.3.9 * Apple SecUpdSrvr2007-005Pan.dmg <a href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13993&cat=" target="_blank">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13993&cat=</a> 1&platform=osx&method=sa/SecUpdSrvr2007-005Pan.dmg Apple Mac OS X 10.3.9 * Apple SecUpd2007-005Pan.dmg <a href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13992&cat=" target="_blank">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13992&cat=</a> 1&platform=osx&method=sa/SecUpd2007-005Pan.dmg Apple Mac OS X Server 10.4.9 * Apple SecUpd2007-005Ti.dmg <a href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13995&cat=" target="_blank">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13995&cat=</a> 1&platform=osx&method=sa/SecUpd2007-005Ti.dmg * Apple SecUpd2007-005Univ.dmg <a href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13998&cat=" target="_blank">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13998&cat=</a> 1&platform=osx&method=sa/SecUpd2007-005Univ.dmg Apple Mac OS X 10.4.9 * Apple SecUpd2007-005Ti.dmg <a href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13995&cat=" target="_blank">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13995&cat=</a> 1&platform=osx&method=sa/SecUpd2007-005Ti.dmg * Apple SecUpd2007-005Univ.dmg <a href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13998&cat=" target="_blank">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13998&cat=</a> 1&platform=osx&method=sa/SecUpd2007-005Univ.dmg |
id | SSV:1795 |
last seen | 2017-11-19 |
modified | 2007-05-25 |
published | 2007-05-25 |
reporter | Root |
title | Apple Mac OS X 2007-005多个安全漏洞 |
References
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
- http://docs.info.apple.com/article.html?artnum=305530
- http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
- http://mx.gw.com/pipermail/file/2007/000161.html
- http://openbsd.org/errata40.html#015_file
- http://secunia.com/advisories/24548
- http://secunia.com/advisories/24592
- http://secunia.com/advisories/24604
- http://secunia.com/advisories/24608
- http://secunia.com/advisories/24616
- http://secunia.com/advisories/24617
- http://secunia.com/advisories/24723
- http://secunia.com/advisories/24754
- http://secunia.com/advisories/25133
- http://secunia.com/advisories/25393
- http://secunia.com/advisories/25402
- http://secunia.com/advisories/25931
- http://secunia.com/advisories/25989
- http://secunia.com/advisories/27307
- http://secunia.com/advisories/27314
- http://secunia.com/advisories/29179
- http://security.freebsd.org/advisories/FreeBSD-SA-07:04.file.asc
- http://security.gentoo.org/glsa/glsa-200703-26.xml
- http://security.gentoo.org/glsa/glsa-200710-19.xml
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.512926
- http://support.avaya.com/elmodocs2/security/ASA-2007-179.htm
- http://www.debian.org/security/2007/dsa-1274
- http://www.kb.cert.org/vuls/id/606700
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:067
- http://www.novell.com/linux/security/advisories/2007_40_file.html
- http://www.novell.com/linux/security/advisories/2007_5_sr.html
- http://www.redhat.com/support/errata/RHSA-2007-0124.html
- http://www.securityfocus.com/archive/1/477861/100/0/threaded
- http://www.securityfocus.com/archive/1/477950/100/0/threaded
- http://www.securityfocus.com/bid/23021
- http://www.securitytracker.com/id?1017796
- http://www.ubuntu.com/usn/usn-439-1
- http://www.vupen.com/english/advisories/2007/1040
- http://www.vupen.com/english/advisories/2007/1939
- https://bugs.gentoo.org/show_bug.cgi?id=171452
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36283
- https://issues.rpath.com/browse/RPL-1148
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10658