This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200703-26
(file: Integer underflow)
Jean-Sebastien Guay-Leroux reported an integer underflow in
A remote attacker could entice a user to run the 'file' program on a
specially crafted file that would trigger a heap-based buffer overflow
possibly leading to the execution of arbitrary code with the rights of
the user running 'file'. Note that this vulnerability could be also
triggered through an automatic file scanner like amavisd-new.
There is no known workaround at this time.
See also :
Since file is a system package, all Gentoo users should upgrade to the
# emerge --sync
# emerge --ask --oneshot --verbose '>=sys-apps/file-4.20'
Risk factor :
High / CVSS Base Score : 9.3
Family: Gentoo Local Security Checks
Nessus Plugin ID: 24931 (gentoo_GLSA-200703-26.nasl)
CVE ID: CVE-2007-1536
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.