• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

File Utility Local Memory Allocation Vulnerability

Solution:
Sun have reported that patches to address this issue are pending release. See referenced advisory (Sun Alert ID: 56040) for further detail.

SuSE has released a security advisory (SuSE-SA:2003:017) which contains fixes for this issue. Users are advised to upgrade as soon as possible.

Debian has released a security advisory (DSA-260-1) which contains fixes for this issue. Users are advised to upgrade as soon as possible.

Gentoo Linux users running sys-apps/file may upgrade to file-3.41 with the following commands:

emerge sync
emerge file
emerge clean

Trustix advisory TSL-2003-0006 contains fixes which address this issue. Please see the attached advisory for details on obtaining and applying fixes.

Sun has released a fix for Sun Linux 5.0.6.

Fixes have been made available:


file file 3.28

• Debian file_3.28-1.potato.1_alpha.deb
  Debian 2.2 (potato)
  http://security.debian.org/pool/updates/main/f/file/file_3.28-1.potato .1_alpha.deb


• Debian file_3.28-1.potato.1_arm.deb
  Debian 2.2 (potato)
  http://security.debian.org/pool/updates/main/f/file/file_3.28-1.potato .1_arm.deb


• Debian file_3.28-1.potato.1_i386.deb
  Debian 2.2 (potato)
  http://security.debian.org/pool/updates/main/f/file/file_3.28-1.potato .1_i386.deb


• Debian file_3.28-1.potato.1_m68k.deb
  Debian 2.2 (potato)
  http://security.debian.org/pool/updates/main/f/file/file_3.28-1.potato .1_m68k.deb


• Debian file_3.28-1.potato.1_powerpc.deb
  Debian 2.2 (potato)
  http://security.debian.org/pool/updates/main/f/file/file_3.28-1.potato .1_powerpc.deb


• Debian file_3.28-1.potato.1_sparc.deb
  Debian 2.2 (potato)
  http://security.debian.org/pool/updates/main/f/file/file_3.28-1.potato .1_sparc.deb


• Red Hat file-3.39-8.6x.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/file-3.39-8.6x.i386.rpm


• SCO file-3.28-8.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-018.0/R PMS/file-3.28-8.i386.rpm


• SCO file-3.28-8.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-01 8.0/RPMS/file-3.28-8.i386.rpm


• SCO file-3.28-8.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-018.0/RPM S/file-3.28-8.i386.rpm


• SCO file-3.28-8.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-018. 0/RPMS/file-3.28-8.i386.rpm

file file 3.30

• Red Hat file-3.39-8.7x.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/file-3.39-8.7x.i386.rpm

file file 3.32

• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Linux-Mandrake 7.2
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• S.u.S.E. file-3.32-118.i386.rpm
  SuSE-7.1
  ftp://ftp.suse.com/pub/suse/i386/update/7.1/a1/file-3.32-118.i386.rpm


• S.u.S.E. file-3.32-118.src.rpm
  SuSE-7.1
  ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/file-3.32-118.src.rpm


• S.u.S.E. file-3.32-36.ppc.rpm
  SuSE-7.1
  ftp://ftp.suse.com/pub/suse/ppc/update/7.1/a1/file-3.32-36.ppc.rpm


• S.u.S.E. file-3.32-36.src.rpm
  SuSE-7.1
  ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/file-3.32-36.src.rpm


• S.u.S.E. file-3.32-69.alpha.rpm
  SuSE-7.1
  ftp://ftp.suse.com/pub/suse/axp/update/7.1/a1/file-3.32-69.alpha.rpm


• S.u.S.E. file-3.32-69.src.rpm
  SuSE-7.1
  ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/file-3.32-69.src.rpm


• S.u.S.E. file-3.33-85.i386.rpm
  SuSE-7.3
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/a1/file-3.33-85.i386.rpm


• S.u.S.E. file-3.33-85.src.rpm
  SuSE-7.3
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/file-3.33-85.src.rpm


• Trustix file-3.41-1tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/file-3.41-1tr.i586. rpm


• Trustix file-3.41-1tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/file-3.41-1tr.i586. rpm

file file 3.33

• Red Hat file-3.39-8.7x.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/file-3.39-8.7x.i386.rpm


• S.u.S.E. file-3.33-39.sparc.rpm
  SuSE-7.3
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/a1/file-3.33-39.sparc.rpm


• S.u.S.E. file-3.33-39.src.rpm
  SuSE-7.3
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/file-3.33-39.src.rpm


• S.u.S.E. file-3.33-69.ppc.rpm
  SuSE-7.3
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/a1/file-3.33-69.ppc.rpm


• S.u.S.E. file-3.33-69.src.rpm
  SuSE-7.3
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/file-3.33-69.src.rpm

file file 3.34

• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Mandrake Linux 8.0
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft file-3.41-1.1mdk.ppc.rpm
  Mandrake Linux 8.0/PPC
  http://www.mandrakesecure.net/en/ftp.php

file file 3.35

• Red Hat file-3.39-8.7x.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/file-3.39-8.7x.i386.rpm


• Red Hat file-3.39-8.7x.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/file-3.39-8.7x.ia64.rpm


• Trustix file-3.41-1tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/file-3.41-1tr.i586. rpm

file file 3.36

• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Mandrake Linux 8.1
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft file-3.41-1.1mdk.ia64.rpm
  Mandrake Linux 8.1/IA64
  http://www.mandrakesecure.net/en/ftp.php

file file 3.37

• Conectiva file-3.41-1U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/file-3.41-1U60_1cl.i386.r pm


• Conectiva file-3.41-1U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/file-3.41-1U70_1cl.i386.r pm


• Conectiva file-3.41-1U80_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/file-3.41-1U80_1cl.i386.rpm


• Debian file_3.37-3.1.woody.1_alpha.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_alpha.deb


• Debian file_3.37-3.1.woody.1_arm.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_arm.deb


• Debian file_3.37-3.1.woody.1_hppa.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_hppa.deb


• Debian file_3.37-3.1.woody.1_i386.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_i386.deb


• Debian file_3.37-3.1.woody.1_ia64.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_ia64.deb


• Debian file_3.37-3.1.woody.1_m68k.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_m68k.deb


• Debian file_3.37-3.1.woody.1_mips.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_mips.deb


• Debian file_3.37-3.1.woody.1_mipsel.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_mipsel.deb


• Debian file_3.37-3.1.woody.1_powerpc.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_powerpc.deb


• Debian file_3.37-3.1.woody.1_s390.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_s390.deb


• Debian file_3.37-3.1.woody.1_sparc.deb
  Debian 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/file/file_3.37-3.1.wood y.1_sparc.deb


• file file-3.41.tar.gz
  ftp://ftp.gw.com/mirrors/pub/unix/file/file-3.41.tar.gz


• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft file-3.41-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Red Hat file-3.39-8.7x.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/file-3.39-8.7x.i386.rpm


• Red Hat file-3.39-9.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/file-3.39-9.i386.rpm


• S.u.S.E. file-3.37-206.i386.patch.rpm
  SuSE-8.0
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/a1/file-3.37-206.i386.patc h.rpm


• S.u.S.E. file-3.37-206.i386.rpm
  SuSE-8.0
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/a1/file-3.37-206.i386.rpm


• S.u.S.E. file-3.37-206.i586.patch.rpm
  SuSE-8.1
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/file-3.37-206.i58 6.patch.rpm


• S.u.S.E. file-3.37-206.i586.rpm
  SuSE-8.1
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/file-3.37-206.i58 6.rpm


• S.u.S.E. file-3.37-206.src.rpm
  SuSE-8.0
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/file-3.37-206.src.rpm


• S.u.S.E. file-3.37-206.src.rpm
  SuSE-8.1
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/file-3.37-206.src. rpm

file file 3.39

• file file-3.41.tar.gz
  ftp://ftp.gw.com/mirrors/pub/unix/file/file-3.41.tar.gz


• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft file-3.41-1.1mdk.i586.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php


• OpenPKG file-3.39-1.1.2.src.rpm
  ftp://ftp.openpkg.org/release/1.1/UPD/file-3.39-1.1.2.src.rpm


• OpenPKG file-3.39-1.2.1.src.rpm
  ftp://ftp.openpkg.org/release/1.2/UPD/file-3.39-1.2.1.src.rpm


• Red Hat file-3.39-8.7x.ppc.rpm
  ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/file-3.39-8.7x.ppc.rpm


• Red Hat file-3.39-8.7x.ppc.rpm
  ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/file-3.39-8.7x.ppc.rpm


• Sun file-3.39-8.7x.i386.rpm
  ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPM S/file-3.39-8.7x.i386.rpm

file file 3.40

• EnGarde Secure Linux file-3.41-1.0.2.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/file-3.41-1 .0.2.i386.rpm


• EnGarde Secure Linux file-3.41-1.0.2.i686.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/file-3.41-1 .0.2.i686.rpm


• EnGarde Secure Linux file-3.41-1.0.2.src.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/SRPMS/file-3.41- 1.0.2.src.rpm


• file file-3.41.tar.gz
  ftp://ftp.gw.com/mirrors/pub/unix/file/file-3.41.tar.gz


• OpenPKG file-3.41-20030228.src.rpm
  ftp://ftp.openpkg.org/current/SRC/file-3.41-20030228.src.rpm