OpenBSD 4.1 - Heap overflow vulnerabillity

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: OpenBSD 4.1 - Heap overflow vulnerabillity
From: acheddamiman@xxxxxxxxx
Date: 25 Aug 2007 20:18:39 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

The command "file" is vulnerable to heap overflow.

Solution:

Patch the kernel source with: 
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/009_file.patch

By AchedDamiman

Follow-Ups:
- Re: OpenBSD 4.1 - Heap overflow vulnerabillity
  - From: Steve Shockley

Prev by Date: Re: More on VMWare poor guest isolation design
Next by Date: FLEA-2007-0049-1 tar
Previous by thread: [USN-503-1] Thunderbird vulnerabilities
Next by thread: Re: OpenBSD 4.1 - Heap overflow vulnerabillity
Index(es):
- Date
- Thread