The FreeBSD Project announced one new security update this morning.
A heap overflow exists in the file_printf() function used by file(1) and libmagic(3) for all FreeBSD releases (CVE-2007-1586). An attacker could use the buffer overflow to execute arbitrary code with the privilege level of the user running file(1). It is suggested that all users upgrade to the latest version of FreeBSD or apply the patches available from the FreeBSD Security Information web site.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!
Leave a Reply