Vulnerability CVE-2017-1000249

Vulnerability Name:

CVE-2017-1000249 (CCN-131992)

Assigned:

2017-08-27

Published:

2017-08-27

Updated:

2017-11-08

Summary:

An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 (Aug 2017).

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Complete Availibility (A): None

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2017-1000249

Source: DEBIAN
Type: UNKNOWN
DSA-3965

Source: XF
Type: UNKNOWN
file-cve20171000249-sec-bypass(131992)

Source: CCN
Type: file GIT Repository
Fix always true condition

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d

Source: GENTOO
Type: UNKNOWN
GLSA-201710-02

Vulnerable Configuration:

Configuration 1:

cpe:/a:file_project:file:5.29:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20171000249	V	CVE-2017-1000249	2023-06-22
oval:org.opensuse.security:def:7494	P	file-5.32-7.14.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:650	P	Security update for apache2-mod_wsgi (Moderate) (in QA)	2022-10-04
oval:org.opensuse.security:def:2919	P	file-5.32-7.14.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94549	P	file-5.32-7.14.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:54	P	file-5.32-7.11.2 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:71	P	graphite2-devel-1.3.11-2.12 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:350	P	python3-urllib3-1.25.10-4.3.1 on GA media (Moderate)	2022-06-10
oval:org.opensuse.security:def:983	P	Security update for perl-DBD-SQLite (Moderate)	2022-03-28
oval:org.opensuse.security:def:100419	P	(Important)	2022-02-18
oval:org.opensuse.security:def:112224	P	file-5.40-1.14 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:69742	P	Security update for containerd, docker, runc (Important)	2021-10-25
oval:org.opensuse.security:def:70837	P	Security update for ffmpeg (Moderate)	2021-10-06
oval:org.opensuse.security:def:105754	P	file-5.40-1.14 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:96559	P	file-5.32-7.5.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103249	P	file-5.32-7.5.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89594	P	file-5.32-7.5.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71180	P	file-5.32-7.5.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61439	P	file-5.32-7.5.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:47572	P	chrony-2.3-3.110 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46921	P	cyrus-sasl-2.1.26-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47820	P	libzip2-0.11.1-13.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47870	P	python-requests-2.11.1-6.28.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47145	P	rpcbind-0.2.3-21.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46886	P	ant-1.9.4-1.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47997	P	dstat-0.7.3-1.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47507	P	sudo-1.8.20p2-1.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47200	P	apache-commons-beanutils-1.9.2-1.149 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48099	P	libcairo-gobject2-1.15.2-25.3.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47653	P	java-1_8_0-openjdk-1.8.0.181-27.26.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47424	P	libusbmuxd4-1.0.10-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47749	P	libnetpbm11-10.66.3-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47786	P	libspice-client-glib-2_0-8-0.33-3.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47053	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47932	P	yast2-users-3.2.17-1.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47293	P	jakarta-taglibs-standard-1.1.1-255.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47007	P	libapr1-1.5.1-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48028	P	gpgme-1.5.1-1.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47591	P	dbus-1-1.8.22-29.10.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47332	P	libasan2-32bit-5.3.1+r233831-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47718	P	libical1-1.0.1-16.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:71813	P	file-5.32-7.11.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62072	P	file-5.32-7.11.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100830	P	file-5.32-7.11.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:48512	P	libjpeg-turbo-1.3.1-30.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46871	P	xen-4.5.1_12-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48791	P	libjavascriptcoregtk-1_0-0-2.4.11-23.20 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46593	P	wireshark-1.10.9-1.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70901	P	file-5.32-5.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46728	P	libgnomesu-1.0.0-352.84 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70950	P	libXfont2-2-2.0.3-1.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48458	P	libIlmImf-Imf_2_1-21-2.1.0-4.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61160	P	file-5.32-5.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46872	P	xf86-video-intel-2.99.914-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46592	P	wget-1.14-4.80 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48737	P	libmikmod3-3.2.0-4.59 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46607	P	aaa_base-13.2+git20140911.61c1681-9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:69637	P	Security update for stunnel (Important)	2021-05-03
oval:org.opensuse.security:def:49037	P	libstaroffice-0_0-0-0.0.6-10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61739	P	file-5.32-7.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107085	P	file-5.32-7.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116643	P	file-5.32-7.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:93706	P	file-5.32-7.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71480	P	file-5.32-7.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:66386	P	file on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64163	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:67597	P	file on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49091	P	file on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66294	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:73077	P	file on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64250	P	file on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67497	P	Security update for rubygem-actionpack-5_1 (Important)	2020-12-01
oval:org.opensuse.security:def:72959	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:com.ubuntu.trusty:def:20171000249000	V	CVE-2017-1000249 on Ubuntu 14.04 LTS (trusty) - medium.	2017-09-11
oval:com.ubuntu.xenial:def:20171000249000	V	CVE-2017-1000249 on Ubuntu 16.04 LTS (xenial) - medium.	2017-09-11
oval:com.ubuntu.xenial:def:201710002490000000	V	CVE-2017-1000249 on Ubuntu 16.04 LTS (xenial) - medium.	2017-09-11

BACK