-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                        AMaViS Security Announcement

Date:                   2007-03-23
affected version(s):    amavis, amavisd, amavisd-new, amavis-ng 
Vulnerability:          file utility
Priority:               urgent
Solution:               update to file 4.20 or later 
References:             http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1532
Author:                 Mark Martinec <[EMAIL PROTECTED]>
                        Rainer Link <[EMAIL PROTECTED]>
Advisory ID:            ASA-2007-1
Contact:                [EMAIL PROTECTED]
WWW:                    http://www.amavis.org/security/

- -----------------------------------------------------------------------------

0. Preface
As amavisd-new (http://www.ijs.si/software/amavisd/) is currently the
only maintained AMaViS branch, most of the following refers to
amavisd-new. 


1. Problem description
A security issue (integer underflow) in the GNU file(1) utility can
lead to a heap overflow.


2. Impact
An attacker can gain shell access to a remote system running a content
filter which uses GNU file below 4.20.

Note that the injected code runs with the privileges of the process
running amavisd (usually vscan or amavis), which is not root. If amavisd
is running chrooted, the impact is limited by the chroot jail environment.


3. Solution
Update to GNU file 4.20 or newer. The latest version can be
found at ftp://ftp.astron.com/pub/file/

Alternatively, update your system using an up-to-date package or port.


4. Acknowledgement
Credits to Kees Cook of the Ubuntu team for providing
us with up-to-date references and details.


5. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
http://mx.gw.com/pipermail/file/2007/000161.html
http://www.ijs.si/software/amavisd/#sec
http://www.amavis.org/security/


6. Revision history
2007-03-23: initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.9.14 (GNU/Linux)

iD8DBQFGA6W4mxoFTBO0QHkRAlWVAJ9Cvdpa74t1Mv1n0R5l5i8MVPMYrwCfZ3RR
Y1QOxx+LJk6O/2JKUTmPqj8=
=OaWi
-----END PGP SIGNATURE-----
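
A quick way to act on section 3, as an added example that is not part of the advisory: the script parses the version banner printed by `file -v` and flags anything below 4.20. The function names and sample banners are constructed for illustration; a distribution package may carry the fix under an older version number, so a "below 4.20" result on a packaged system is a prompt to check the package changelog.

```shell
#!/bin/sh
# Added example (not from the advisory): compare a file(1) version banner
# against 4.20, the fixed release named in the advisory's Solution section.

# Extract MAJOR.MINOR from the first line of `file -v`, e.g. "file-4.17".
# Prints nothing when the line does not match that shape.
parse_file_version() {
    printf '%s\n' "$1" |
        sed -n '1s/^[^ ]*-\([0-9][0-9]*\)\.\([0-9][0-9]*\).*$/\1.\2/p'
}

# Exit status: 0 = below 4.20 (needs update), 1 = 4.20 or newer,
# 2 = version could not be parsed (treat as unknown, not as safe).
needs_update() {
    ver=$(parse_file_version "$1")
    [ -n "$ver" ] || return 2
    major=${ver%%.*}
    minor=${ver#*.}
    if [ "$major" -lt 4 ]; then return 0; fi
    if [ "$major" -eq 4 ] && [ "$minor" -lt 20 ]; then return 0; fi
    return 1
}

# Print a verdict for one banner; the label says where it came from.
report() {
    needs_update "$2" && rc=0 || rc=$?
    case $rc in
        0) echo "$1: $2 -> below 4.20, update required" ;;
        1) echo "$1: $2 -> 4.20 or newer" ;;
        *) echo "$1: '$2' -> version not recognised, check manually" ;;
    esac
    return "$rc"
}

# Constructed sample banners (not captured from real hosts).
for sample in "file-4.17" "file-4.20" "file-5.45" "unexpected output"; do
    report "sample" "$sample" || true
done

# Live check of the local binary; 2>&1 in case the banner goes to stderr.
if command -v file >/dev/null 2>&1; then
    report "local" "$(file -v 2>&1 | head -n 1)" || true
fi
```

Run it on the host where amavisd calls file(1), as the account amavisd runs under, so the binary found on that account's PATH is the one that is checked.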
