Vulnerabilities > CVE-2014-9620 - Resource Management Errors vulnerability in File Project File

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
file-project
CWE-399
nessus

Summary

The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201503-08.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201503-08 (file: Denial of Service) Multiple issues with the ELF parser used by the file utility have been detected and fixed. Impact : A context-dependent attacker can cause Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id82007
    published2015-03-24
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82007
    titleGLSA-201503-08 : file: Denial of Service
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201503-08.
    #
    # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(82007);
      script_version("1.3");
      script_cvs_date("Date: 2018/12/05 20:31:22");
    
      script_cve_id("CVE-2014-2270", "CVE-2014-9620", "CVE-2014-9621");
      script_bugtraq_id(66002, 71714, 71715);
      script_xref(name:"GLSA", value:"201503-08");
    
      script_name(english:"GLSA-201503-08 : file: Denial of Service");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201503-08
    (file: Denial of Service)
    
        Multiple issues with the ELF parser used by the file utility have been
          detected and fixed.
      
    Impact :
    
        A context-dependent attacker can cause Denial of Service.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201503-08"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All file users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=sys-apps/file-5.22'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:file");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"sys-apps/file", unaffected:make_list("ge 5.22"), vulnerable:make_list("lt 5.22"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "file");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-1298.NASL
    descriptionThe GNU file utility was updated to version 5.22. Security issues fixed : - CVE-2014-9621: The ELF parser in file allowed remote attackers to cause a denial of service via a long string. (bsc#913650) - CVE-2014-9620: The ELF parser in file allowed remote attackers to cause a denial of service via a large number of notes. (bsc#913651) - CVE-2014-9653: readelf.c in file did not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. (bsc#917152) - CVE-2014-8116: The ELF parser (readelf.c) in file allowed remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. (bsc#910253) - CVE-2014-8117: softmagic.c in file did not properly limit recursion, which allowed remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. (bsc#910253) Version update to file version 5.22 - add indirect relative for TIFF/Exif - restructure elf note printing to avoid repeated messages - add note limit, suggested by Alexander Cherepanov - Bail out on partial pread()
    last seen2020-06-05
    modified2017-11-27
    plugin id104764
    published2017-11-27
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/104764
    titleopenSUSE Security Update : file (openSUSE-2017-1298)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2017-1298.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(104764);
      script_version("3.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2014-8116", "CVE-2014-8117", "CVE-2014-9620", "CVE-2014-9621", "CVE-2014-9653");
    
      script_name(english:"openSUSE Security Update : file (openSUSE-2017-1298)");
      script_summary(english:"Check for the openSUSE-2017-1298 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The GNU file utility was updated to version 5.22.
    
    Security issues fixed :
    
      - CVE-2014-9621: The ELF parser in file allowed remote
        attackers to cause a denial of service via a long
        string. (bsc#913650)
    
      - CVE-2014-9620: The ELF parser in file allowed remote
        attackers to cause a denial of service via a large
        number of notes. (bsc#913651)
    
      - CVE-2014-9653: readelf.c in file did not consider that
        pread calls sometimes read only a subset of the
        available data, which allows remote attackers to cause a
        denial of service (uninitialized memory access) or
        possibly have unspecified other impact via a crafted ELF
        file. (bsc#917152)
    
      - CVE-2014-8116: The ELF parser (readelf.c) in file
        allowed remote attackers to cause a denial of service
        (CPU consumption or crash) via a large number of (1)
        program or (2) section headers or (3) invalid
        capabilities. (bsc#910253)
    
      - CVE-2014-8117: softmagic.c in file did not properly
        limit recursion, which allowed remote attackers to cause
        a denial of service (CPU consumption or crash) via
        unspecified vectors. (bsc#910253)
    
    Version update to file version 5.22
    
      - add indirect relative for TIFF/Exif
    
      - restructure elf note printing to avoid repeated messages
    
      - add note limit, suggested by Alexander Cherepanov
    
      - Bail out on partial pread()'s (Alexander Cherepanov)
    
      - Fix incorrect bounds check in file_printable (Alexander
        Cherepanov)
    
      - PR/405: ignore SIGPIPE from uncompress programs
    
      - change printable -> file_printable and use it in more
        places for safety
    
      - in ELF, instead of '(uses dynamic libraries)' when
        PT_INTERP is present print the interpreter name.
    
    Version update to file version 5.21
    
      - there was an incorrect free in magic_load_buffers()
    
      - there was an out of bounds read for some pascal strings
    
      - there was a memory leak in magic lists
    
      - don't interpret strings printed from files using the
        current locale, convert them to ascii format first.
    
      - there was an out of bounds read in elf note reads
    
    Update to file version 5.20
    
      - recognize encrypted CDF documents
    
      - add magic_load_buffers from Brooks Davis
    
      - add thumbs.db support
    
    Additional non-security bug fixes :
    
      - Fixed a memory corruption during rpmbuild (bsc#1063269)
    
      - Backport of a fix for an increased printable string
        length as found in file 5.30 (bsc#996511)
    
      - file command throws 'Composite Document File V2
        Document, corrupt: Can't read SSAT' error against excel
        97/2003 file format. (bsc#1009966)
    
    This update was imported from the SUSE:SLE-12:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1009966"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1063269"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=910252"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=910253"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=913650"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=913651"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=917152"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=996511"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected file packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:file");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:file-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:file-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:file-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:file-magic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmagic1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmagic1-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmagic1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmagic1-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-magic");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/11/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/11/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.2|SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.2 / 42.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.2", reference:"file-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"file-debuginfo-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"file-debugsource-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"file-devel-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"file-magic-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libmagic1-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libmagic1-debuginfo-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"python-magic-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libmagic1-32bit-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libmagic1-debuginfo-32bit-5.22-7.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"file-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"file-debuginfo-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"file-debugsource-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"file-devel-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"file-magic-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libmagic1-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libmagic1-debuginfo-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-magic-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libmagic1-32bit-5.22-10.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libmagic1-debuginfo-32bit-5.22-10.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "file / file-debuginfo / file-debugsource / file-devel / file-magic / etc");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3121.NASL
    descriptionMultiple security issues have been found in file, a tool/library to determine a file type. Processing a malformed file could result in denial of service. Most of the changes are related to parsing ELF files. As part of the fixes, several limits on aspects of the detection were added or tightened, sometimes resulting in messages like
    last seen2020-03-17
    modified2015-01-09
    plugin id80420
    published2015-01-09
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80420
    titleDebian DSA-3121-1 : file - security update
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-0760.NASL
    descriptionFrom Red Hat Security Advisory 2016:0760 : An update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Security Fix(es) : * Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) * A denial of service flaw was found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash file via a specially crafted CDF file. (CVE-2014-3587) * Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653) Red Hat would like to thank Thomas Jarosch (Intra2net AG) for reporting CVE-2014-8116 and CVE-2014-8117. The CVE-2014-3538 issue was discovered by Jan Kaluza (Red Hat Web Stack Team) and the CVE-2014-3710 issue was discovered by Francisco Alonso (Red Hat Product Security). For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.8 Release Notes and Red Hat Enterprise Linux 6.8 Technical Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id91149
    published2016-05-16
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91149
    titleOracle Linux 6 : file (ELSA-2016-0760)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2449.NASL
    descriptionAccording to the versions of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).(CVE-2019-18218) - The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.(CVE-2014-9620) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-04
    plugin id131603
    published2019-12-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131603
    titleEulerOS 2.0 SP2 : file (EulerOS-SA-2019-2449)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0050.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2014-3538 (unrestricted regular expression matching) - fix #1284826 - try to read ELF header to detect corrupted one - fix #1263987 - fix bugs found by coverity in the patch - fix CVE-2014-3587 (incomplete fix for CVE-2012-1571) - fix CVE-2014-3710 (out-of-bounds read in elf note headers) - fix CVE-2014-8116 (multiple DoS issues (resource consumption)) - fix CVE-2014-8117 (denial of service issue (resource consumption)) - fix CVE-2014-9620 (limit the number of ELF notes processed) - fix CVE-2014-9653 (malformed elf file causes access to uninitialized memory) - fix #809898 - add support for detection of Python 2.7 byte-compiled files - fix #1263987 - fix coredump execfn detection on ppc64 and s390 - fix #966953 - include msooxml file in magic.mgc generation - fix #966953 - increate the strength of MSOOXML magic patterns - fix #1169509 - add support for Java 1.7 and 1.8 - fix #1243650 - comment out too-sensitive Pascal magic - fix #1080453 - remove .orig files from magic directory - fix #1161058 - add support for EPUB - fix #1162149 - remove parts of patches patching .orig files - fix #1154802 - fix detection of zip files containing file named mime - fix #1246073 - fix detection UTF8 and UTF16 encoded XML files - fix #1263987 - add new execfn to coredump output to show the real name of executable which generated the coredump - fix #809898 - add support for detection of Python 3.2-3.5 byte-compiled files - fix #966953 - backport support for MSOOXML
    last seen2020-06-01
    modified2020-06-02
    plugin id91155
    published2016-05-16
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91155
    titleOracleVM 3.3 / 3.4 : file (OVMSA-2016-0050)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-080.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in php : It was discovered that the file utility contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files (CVE-2014-1943). A flaw was found in the way the file utility determined the type of Portable Executable (PE) format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code (CVE-2014-2270). The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters (CVE-2013-7345). PHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain socket with world-writable permissions by default, which allows any local user to connect to it and execute PHP scripts as the apache user (CVE-2014-0185). A flaw was found in the way file
    last seen2020-06-01
    modified2020-06-02
    plugin id82333
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82333
    titleMandriva Linux Security Advisory : php (MDVSA-2015:080)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-2020.NASL
    descriptionUpdate to File-5.22. Fixes various CVE bugs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-02-18
    plugin id81394
    published2015-02-18
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81394
    titleFedora 21 : file-5.22-2.fc21 (2015-2020)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-3048-1.NASL
    descriptionThe GNU file utility was updated to version 5.22. Security issues fixed : - CVE-2014-9621: The ELF parser in file allowed remote attackers to cause a denial of service via a long string. (bsc#913650) - CVE-2014-9620: The ELF parser in file allowed remote attackers to cause a denial of service via a large number of notes. (bsc#913651) - CVE-2014-9653: readelf.c in file did not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. (bsc#917152) - CVE-2014-8116: The ELF parser (readelf.c) in file allowed remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. (bsc#910253) - CVE-2014-8117: softmagic.c in file did not properly limit recursion, which allowed remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. (bsc#910253) Version update to file version 5.22 - add indirect relative for TIFF/Exif - restructure elf note printing to avoid repeated messages - add note limit, suggested by Alexander Cherepanov - Bail out on partial pread()
    last seen2020-06-01
    modified2020-06-02
    plugin id104777
    published2017-11-27
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/104777
    titleSUSE SLED12 / SLES12 Security Update : file (SUSE-SU-2017:3048-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-497.NASL
    descriptionThe ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. (CVE-2014-9620) The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. (CVE-2014-8116) It was reported that a malformed elf file can cause file urility to access invalid memory. (CVE-2014-9653) The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string. (CVE-2014-9621) softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. (CVE-2014-8117)
    last seen2020-06-01
    modified2020-06-02
    plugin id82046
    published2015-03-25
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82046
    titleAmazon Linux AMI : file (ALAS-2015-497)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3686-1.NASL
    descriptionAlexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9620) Alexander Cherepanov discovered that file incorrectly handled certain long strings. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9620) Alexander Cherepanov discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9653) It was discovered that file incorrectly handled certain magic files. An attacker could use this issue with a specially crafted magic file to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-8865) It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service. (CVE-2018-10360). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id110552
    published2018-06-15
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110552
    titleUbuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : file vulnerabilities (USN-3686-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2578.NASL
    descriptionAccording to the version of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.(CVE-2014-9620) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-19
    plugin id132295
    published2019-12-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132295
    titleEulerOS 2.0 SP3 : file (EulerOS-SA-2019-2578)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-010.NASL
    descriptionUpdated file packages fix security vulnerabilities : Thomas Jarosch of Intra2net AG reported that using the file command on a specially crafted ELF binary could lead to a denial of service due to uncontrolled resource consumption (CVE-2014-8116). Thomas Jarosch of Intra2net AG reported that using the file command on a specially crafted ELF binary could lead to a denial of service due to uncontrolled recursion (CVE-2014-8117). The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes (CVE-2014-9620). The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string (CVE-2014-9621). The updated file packages has been upgraded to the latest 5.22 version which is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id80429
    published2015-01-09
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80429
    titleMandriva Linux Security Advisory : file (MDVSA-2015:010)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-0760.NASL
    descriptionAn update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Security Fix(es) : * Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) * A denial of service flaw was found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash file via a specially crafted CDF file. (CVE-2014-3587) * Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653) Red Hat would like to thank Thomas Jarosch (Intra2net AG) for reporting CVE-2014-8116 and CVE-2014-8117. The CVE-2014-3538 issue was discovered by Jan Kaluza (Red Hat Web Stack Team) and the CVE-2014-3710 issue was discovered by Francisco Alonso (Red Hat Product Security). For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.8 Release Notes and Red Hat Enterprise Linux 6.8 Technical Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id91167
    published2016-05-17
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91167
    titleCentOS 6 : file (CESA-2016:0760)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-0760.NASL
    descriptionAn update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Security Fix(es) : * Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) * A denial of service flaw was found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash file via a specially crafted CDF file. (CVE-2014-3587) * Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653) Red Hat would like to thank Thomas Jarosch (Intra2net AG) for reporting CVE-2014-8116 and CVE-2014-8117. The CVE-2014-3538 issue was discovered by Jan Kaluza (Red Hat Web Stack Team) and the CVE-2014-3710 issue was discovered by Francisco Alonso (Red Hat Product Security). For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.8 Release Notes and Red Hat Enterprise Linux 6.8 Technical Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id91074
    published2016-05-12
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91074
    titleRHEL 6 : file (RHSA-2016:0760)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160510_FILE_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) - A denial of service flaw was found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash file via a specially crafted CDF file. (CVE-2014-3587) - Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653)
    last seen2020-03-18
    modified2016-06-09
    plugin id91537
    published2016-06-09
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91537
    titleScientific Linux Security Update : file on SL6.x i386/x86_64 (20160510)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-0053-1.NASL
    descriptionThe Docker images provided with SUSE CaaS Platform 2.0 have been updated to include the following updates: binutils : - Update to version 2.29 - 18750 bsc#1030296 CVE-2014-9939 - 20891 bsc#1030585 CVE-2017-7225 - 20892 bsc#1030588 CVE-2017-7224 - 20898 bsc#1030589 CVE-2017-7223 - 20905 bsc#1030584 CVE-2017-7226 - 20908 bsc#1031644 CVE-2017-7299 - 20909 bsc#1031656 CVE-2017-7300 - 20921 bsc#1031595 CVE-2017-7302 - 20922 bsc#1031593 CVE-2017-7303 - 20924 bsc#1031638 CVE-2017-7301 - 20931 bsc#1031590 CVE-2017-7304 - 21135 bsc#1030298 CVE-2017-7209 - 21137 bsc#1029909 CVE-2017-6965 - 21139 bsc#1029908 CVE-2017-6966 - 21156 bsc#1029907 CVE-2017-6969 - 21157 bsc#1030297 CVE-2017-7210 - 21409 bsc#1037052 CVE-2017-8392 - 21412 bsc#1037057 CVE-2017-8393 - 21414 bsc#1037061 CVE-2017-8394 - 21432 bsc#1037066 CVE-2017-8396 - 21440 bsc#1037273 CVE-2017-8421 - 21580 bsc#1044891 CVE-2017-9746 - 21581 bsc#1044897 CVE-2017-9747 - 21582 bsc#1044901 CVE-2017-9748 - 21587 bsc#1044909 CVE-2017-9750 - 21594 bsc#1044925 CVE-2017-9755 - 21595 bsc#1044927 CVE-2017-9756 - 21787 bsc#1052518 CVE-2017-12448 - 21813 bsc#1052503, CVE-2017-12456, bsc#1052507, CVE-2017-12454, bsc#1052509, CVE-2017-12453, bsc#1052511, CVE-2017-12452, bsc#1052514, CVE-2017-12450, bsc#1052503, CVE-2017-12456, bsc#1052507, CVE-2017-12454, bsc#1052509, CVE-2017-12453, bsc#1052511, CVE-2017-12452, bsc#1052514, CVE-2017-12450 - 21933 bsc#1053347 CVE-2017-12799 - 21990 bsc#1058480 CVE-2017-14333 - 22018 bsc#1056312 CVE-2017-13757 - 22047 bsc#1057144 CVE-2017-14129 - 22058 bsc#1057149 CVE-2017-14130 - 22059 bsc#1057139 CVE-2017-14128 - 22113 bsc#1059050 CVE-2017-14529 - 22148 bsc#1060599 CVE-2017-14745 - 22163 bsc#1061241 CVE-2017-14974 - 22170 bsc#1060621 CVE-2017-14729 - Make compressed debug section handling explicit, disable for old products and enable for gas on all architectures otherwise. [bsc#1029995] - Remove empty rpath component removal optimization from to workaround CMake rpath handling. [bsc#1025282] - Fix alignment frags for aarch64 (bsc#1003846) coreutils : - Fix df(1) to no longer interact with excluded file system types, so for example specifying -x nfs no longer hangs with problematic nfs mounts. (bsc#1026567) - Ensure df -l no longer interacts with dummy file system types, so for example no longer hangs with problematic NFS mounted via system.automount(5). (bsc#1043059) - Significantly speed up df(1) for huge mount lists. (bsc#965780) file : - update to version 5.22. - CVE-2014-9621: The ELF parser in file allowed remote attackers to cause a denial of service via a long string. (bsc#913650) - CVE-2014-9620: The ELF parser in file allowed remote attackers to cause a denial of service via a large number of notes. (bsc#913651) - CVE-2014-9653: readelf.c in file did not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. (bsc#917152) - CVE-2014-8116: The ELF parser (readelf.c) in file allowed remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. (bsc#910253) - CVE-2014-8117: softmagic.c in file did not properly limit recursion, which allowed remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. (bsc#910253) - Fixed a memory corruption during rpmbuild (bsc#1063269) - Backport of a fix for an increased printable string length as found in file 5.30 (bsc#996511) - file command throws
    last seen2020-06-01
    modified2020-06-02
    plugin id106092
    published2018-01-17
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106092
    titleSUSE SLES12 Security Update : CaaS Platform 2.0 images (SUSE-SU-2018:0053-1)

Redhat

advisories
rhsa
idRHSA-2016:0760
rpms
  • file-0:5.04-30.el6
  • file-debuginfo-0:5.04-30.el6
  • file-devel-0:5.04-30.el6
  • file-libs-0:5.04-30.el6
  • file-static-0:5.04-30.el6
  • python-magic-0:5.04-30.el6