Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2003:030-1: file Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the file package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2003:030-1 (file).

A memory allocation problem in file was found by Jeff Johnson, and a stack
overflow corruption problem was found by David Endler. These problems have been
corrected in file version 3.41 and likely affect all previous version. These
problems pose a security threat as they can be used to execute arbitrary code by
a possible hacker under the rights of another user. Note that the attacker must
first somehow convince the target user to execute file against a specially
crafted file that triggers the buffer overflow in file.
The 8.2 and 9.0 packages installed data in a different directory than where they
should have been installed, which broke compatability with a small number of
programs. These updated packages place those files back in the appropriate

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.