|Main Archive Page > Month Archives > full-disclosure-uk archives|
rPath Security Advisory: 2007-0109-1
Products: rPath Linux 1
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access Updated Versions:
Previous versions of the file package are vulnerable to two attacks in which a maliciously crafted file can cause the file command, and any other application using libmagic, to use excessive CPU resources (Denial of Service), crash, or execute arbitrary, attacker-provided code (Unauthorized Access).
Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html