Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200412-07] file: Arbitrary code execution Vulnerability Scan
Vulnerability Scan Summary
file: Arbitrary code execution
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200412-07
(file: Arbitrary code execution)
A possible stack overflow has been found in the ELF header parsing
code of file.
A possible hacker may be able to create a specially crafted ELF file
which, when processed with file, may allow the execution of arbitrary
There is no known workaround at this time.
All file users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/file-4.12"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.