This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200703-26
(file: Integer underflow)
Jean-Sebastien Guay-Leroux reported an integer underflow in
A remote attacker could entice a user to run the 'file' program on a
specially crafted file that would trigger a heap-based buffer overflow
possibly leading to the execution of arbitrary code with the rights of
the user running 'file'. Note that this vulnerability could be also
triggered through an automatic file scanner like amavisd-new.
There is no known workaround at this time.
See also :
Since file is a system package, all Gentoo users should upgrade to the
# emerge --sync
# emerge --ask --oneshot --verbose '>=sys-apps/file-4.20'
Risk factor :
High / CVSS Base Score : 9.3
Family: Gentoo Local Security Checks
Nessus Plugin ID: 24931 (gentoo_GLSA-200703-26.nasl)
CVE ID: CVE-2007-1536