Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Re: CVE Request: file: crashes when checking softmagic for some corrupt PE executables
From: Stuart Henderson <stu () spacehopper org>
Date: Thu, 13 Mar 2014 11:24:33 +0000

On 2014/03/05 12:07, cve-assign () mitre org wrote:
Use CVE-2014-2270.

A CVE ID seems worthwhile because of possible libmagic use cases.

"file can be made to crash" is typically not security-relevant on its
own (a user can recover from this by not continuing to run file on the
same crafted file). We're not sure whether any distribution has
packages that rely on server-side use of libmagic, or whether it's
common to have long-running processes that use libmagic with untrusted
input.

file(1)/libmagic certainly have a security impact, for example they
are used by various mail anti-virus checkers like MailScanner and
amavisd-new, also some IDS/honeypot software (Bro, Nepenthes), all
of which are expected to handle at best untrustworthy, at worst
downright malicious input.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault