FrSIRT - Fedora Security Update Fixes File Client-Side Integer Underflow Vulnerability / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes File Client-Side Integer Underflow Vulnerability

Title : Fedora Security Update Fixes File Client-Side Integer Underflow Vulnerability
Advisory ID : FrSIRT/ADV-2007-2423
CVE ID : CVE-2007-2799
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-04

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to execute arbitrary code [...]

Solution

Upgrade the affected packages :

c334d634f1d942796cdeec57b74cf3f2cda41b17 file-4.21-1.fc7.ppc64.rpm
e8f85883f7c6ccc00c409cb974249f280c0debd6 file-libs-4.21-1.fc7.ppc64.rpm
aa9d0b8a6563269bfc3a51b9450ade15fd04b515 file-devel-4.21-1.fc7.ppc64.rpm
fca782875bb9a7bdf86e0b9a52f5d229f615d2db file-debuginfo-4.21-1.fc7.ppc64.rpm
e336a7f959c76b24a5b81c5a91fa34f9ed78c9e8 file-libs-4.21-1.fc7.i386.rpm
06e17b6db58b75eb7594a91c581029c9049dd46e file-4.21-1.fc7.i386.rpm
c261a20a559ff3d842dd5b0cae91b26a7c9b10ae file-debuginfo-4.21-1.fc7.i386.rpm
34d0031eeb259faecd6109effc9fbfe6cc52e658 file-devel-4.21-1.fc7.i386.rpm
d6566d731d71aa63de8cb8718c08253b90b1143f file-debuginfo-4.21-1.fc7.x86_64.rpm
b88c703de819afa0a125339e7593041e7f688c9f file-libs-4.21-1.fc7.x86_64.rpm
fa743ae3b5d3ad6829b228cc61463efe347b0c33 file-devel-4.21-1.fc7.x86_64.rpm
4904044807e2f3d81036fc2b5ca616b732603e4d file-4.21-1.fc7.x86_64.rpm
71aed76b7cf6136abc572e7a791de4ba87e726cc file-libs-4.21-1.fc7.ppc.rpm
d5a0f85c4b927abee899614a54bd3711c68f99a8 file-debuginfo-4.21-1.fc7.ppc.rpm
ede4162d6bd71b22dcecae01be22165a34daf82c file-devel-4.21-1.fc7.ppc.rpm
188473d52506dda1b0e10edc07e776907dd00fba file-4.21-1.fc7.ppc.rpm
4671a51f518e86bde129778c74a91de6176b16f0 file-4.21-1.fc7.src.rpm

ChangeLog

2007-07-04 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution and Security Bypass Issues
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability
	Mozilla Thunderbird Code Execution and Cross Site Scripting Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues

	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service and Security Bypass Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

	Sun Solaris ACL UFS File Systems Denial of Service Vulnerability
	Sun Solaris Text Editors Tag Files Local Code Execution Vulnerability
	Sun Management Center Remote Denial of Service Vulnerability
	Sun Solaris Bzip2 Archive Handling Denial of Service Vulnerability
	Sun Solaris GNU Tar Headers Handling Buffer Overflow Vulnerability
	Sun Solaris Covert Channel Local Security Bypass Vulnerability
	Sun Solaris NFS RPC Zone Denial of Service Vulnerability