CVE-2013-7345

MEDIUM

Description

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.

References

http://bugs.gw.com/view.php?id=164

http://rhn.redhat.com/errata/RHSA-2014-1765.html

http://support.apple.com/kb/HT6443

http://www.debian.org/security/2014/dsa-2873

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993

https://github.com/file/file/commit/ef2329cf71acb59204dd981e2c6cce6c81fe467c

Details

Source: MITRE

Published: 2014-03-24

Updated: 2014-11-19

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 124927 | EulerOS Virtualization 3.0.1.0 : file (EulerOS-SA-2019-1424) | Nessus | Huawei Local Security Checks | high |
| 92905 | FreeBSD : FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3) (70140f20-6007-11e6-a6c3-14dae9d210b8) | Nessus | FreeBSD Local Security Checks | medium |
| 82333 | Mandriva Linux Security Advisory : php (MDVSA-2015:080) | Nessus | Mandriva Local Security Checks | high |
| 78861 | Debian DSA-3064-1 : php5 - security update | Nessus | Debian Local Security Checks | high |
| 78556 | PHP 5.6.0 Multiple Vulnerabilities | Nessus | CGI abuses | high |
| 78286 | Amazon Linux AMI : php54 (ALAS-2014-343) | Nessus | Amazon Linux Local Security Checks | medium |
| 78285 | Amazon Linux AMI : php55 (ALAS-2014-342) | Nessus | Amazon Linux Local Security Checks | medium |
| 78276 | Amazon Linux AMI : php54 (ALAS-2014-333) | Nessus | Amazon Linux Local Security Checks | medium |
| 78275 | Amazon Linux AMI : php55 (ALAS-2014-332) | Nessus | Amazon Linux Local Security Checks | medium |
| 77748 | Mac OS X 10.9.x < 10.9.5 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical |
| 77455 | GLSA-201408-11 : PHP: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 77452 | GLSA-201408-08 : file: Denial of Service | Nessus | Gentoo Local Security Checks | medium |
| 77044 | Oracle Linux 7 : php (ELSA-2014-1013) | Nessus | Oracle Linux Local Security Checks | high |
| 77033 | CentOS 7 : php (CESA-2014:1013) | Nessus | CentOS Local Security Checks | high |
| 77016 | RHEL 7 : php (RHSA-2014:1013) | Nessus | Red Hat Local Security Checks | high |
| 76525 | Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : file vulnerabilities (USN-2278-1) | Nessus | Ubuntu Local Security Checks | medium |
| 76377 | Fedora 20 : file-5.19-1.fc20 (2014-7992) | Nessus | Fedora Local Security Checks | medium |
| 75311 | openSUSE Security Update : file (openSUSE-SU-2014:0481-1) | Nessus | SuSE Local Security Checks | medium |
| 73651 | Amazon Linux AMI : file (ALAS-2014-323) | Nessus | Amazon Linux Local Security Checks | medium |
| 73638 | Slackware 14.0 / 14.1 / current : php (SSA:2014-111-02) | Nessus | Slackware Local Security Checks | medium |
| 73542 | Fedora 20 : php-5.5.11-1.fc20 (2014-4767) | Nessus | Fedora Local Security Checks | medium |
| 73540 | Fedora 19 : php-5.5.11-1.fc19 (2014-4735) | Nessus | Fedora Local Security Checks | medium |
| 73466 | Mandriva Linux Security Advisory : php (MDVSA-2014:075) | Nessus | Mandriva Local Security Checks | medium |
| 73448 | Mandriva Linux Security Advisory : file (MDVSA-2014:073) | Nessus | Mandriva Local Security Checks | medium |
| 73411 | PHP 5.5.x < 5.5.11 awk Magic Parsing BEGIN DoS | Nessus | CGI abuses | medium |
| 73338 | PHP 5.4.x < 5.4.27 awk Magic Parsing BEGIN DoS | Nessus | CGI abuses | medium |
| 73218 | Fedora 20 : file-5.14-20.fc20 (2014-4340) | Nessus | Fedora Local Security Checks | medium |
| 72952 | Debian DSA-2873-1 : file - several vulnerabilities | Nessus | Debian Local Security Checks | medium |