Multiple vulnerabilities in Astron Software file



Published: 2019-02-21 | Updated: 2019-02-22
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2019-8905
CVE-2019-8907
CVE-2019-8906
CVE-2019-8904
CWE-ID CWE-125
CWE-121
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #2 is available.
Public exploit code for vulnerability #3 is available.
Public exploit code for vulnerability #4 is available.
Vulnerable software
Subscribe
file
Universal components / Libraries / Libraries used by multiple products

Vendor Ian F. Darwin

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Stack out-of-bounds read

EUVDB-ID: #VU17821

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-8905

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to stack-based buffer over-read in the do_core_note function, related to file_printable. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the file command, trigger memory corruption and gain access to arbitrary data or perform a denial of service attack.

Mitigation

Update to version 5.36.

Vulnerable software versions

file: 5.35

External links

http://bugs.astron.com/view.php?id=63


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Stack-based buffer overflow

EUVDB-ID: #VU17822

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-8907

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to stack-based buffer overflow in the do_core_note function. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the file command, trigger memory corruption and perform a denial of service attack.

Mitigation

Update to version 5.36.

Vulnerable software versions

file: 5.35

External links

http://bugs.astron.com/view.php?id=65


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Out-of-bounds read

EUVDB-ID: #VU17823

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-8906

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to out-of-bounds read in the do_core_note function. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the file command, trigger memory corruption and gain access to arbitrary data or perform a denial of service attack.

Mitigation

Update to version 5.36.

Vulnerable software versions

file: 5.35

External links

http://bugs.astron.com/view.php?id=64


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

4) Stack out-of-bounds read

EUVDB-ID: #VU17829

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-8904

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to stack-based buffer over-read in the do_core_note function, as defined in the readelf.c source code file. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the file command, trigger memory corruption and gain access to arbitrary data or perform a denial of service attack.

Mitigation

Update to version 5.36.

Vulnerable software versions

file: 5.35

External links

http://bugs.astron.com/view.php?id=62


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###