[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[RHSA-2003:087-08] Updated file packages fix vulnerability



---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated file packages fix vulnerability
Advisory ID:       RHSA-2003:087-08
Issue date:        2003-03-05
Updated on:        2003-03-10
Product:           Red Hat Advanced Products
Keywords:          readelf.c flaw:buf file
Cross references:  
Obsoletes:         
CVE Names:         CAN-2003-0102
---------------------------------------------------------------------

1. Topic:

Updated file packages are available to close a buffer overflow vulnerability.

2. Relevant releases/architectures:

Red Hat Linux Advanced Server 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64

3. Problem description:

The file command is used to identify a particular file according to
the type of data contained by the file.

The file utility before version 3.41 contains a buffer overflow
vulnerability in the ELF parsing routines. This vulnerability may
allow an attacker to create a carefully crafted binary which can cause
arbitrary code to run if a victim runs the file command against that
binary.

On some distributions it may also be possible to trigger this file command
vulnerability by encouraging the victim to use the
less command on an exploited file name so that it will be processed by the
lesspipe.sh script.

All users are advised to update to these erratum packages which
contain a backported patch to correct this vulnerability.

Red Hat would like to thank iDefense for disclosing this issue and
zen-parse for discussion of some of the implications.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

Please note that this update is available via Red Hat Network.  To use Red
Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.


5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

85635 - file utility contains buffer overflow

6. RPMs required:

Red Hat Linux Advanced Server 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/file-3.39-8.7x.src.rpm

i386:
Available from Red Hat Network: file-3.39-8.7x.i386.rpm

ia64:
Available from Red Hat Network: file-3.39-8.7x.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/file-3.39-8.7x.src.rpm

ia64:
Available from Red Hat Network: file-3.39-8.7x.ia64.rpm



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
15c75893938ec25e6ae872674560d782 2.1AS/en/os/SRPMS/file-3.39-8.7x.src.rpm
57ff358a59f9420cebf55059ab64300d 2.1AS/en/os/i386/file-3.39-8.7x.i386.rpm
4fe9b98179258155d4a3d4dc4e543d13 2.1AS/en/os/ia64/file-3.39-8.7x.ia64.rpm
15c75893938ec25e6ae872674560d782 2.1AW/en/os/SRPMS/file-3.39-8.7x.src.rpm
4fe9b98179258155d4a3d4dc4e543d13 2.1AW/en/os/ia64/file-3.39-8.7x.ia64.rpm


These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at http://www.redhat.com/about/contact/pgpkey.html

You can verify each package with the following command:
    
    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum <filename>


8. References:

http://www.idefense.com/advisory/03.04.03.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0102

9. Contact:

The Red Hat security contact is <security redhat com>.  More contact
details at http://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]