CVE-2013-7345
24.03.2014, 16:31
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| christos_zoulas | file | 𝑥 < 5.15 |
| php | php | 5.4.0 ≤ 𝑥 < 5.4.27 |
| php | php | 5.5.0 ≤ 𝑥 < 5.5.11 |
| debian | debian_linux | 6.0 |
| debian | debian_linux | 7.0 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| php |
| ||
| php-bcmath |
| ||
| php-cli |
| ||
| php-common |
| ||
| php-dba |
| ||
| php-devel |
| ||
| php-embedded |
| ||
| php-enchant |
| ||
| php-fpm |
| ||
| php-gd |
| ||
| php-intl |
| ||
| php-ldap |
| ||
| php-mbstring |
| ||
| php-mysql |
| ||
| php-mysqlnd |
| ||
| php-odbc |
| ||
| php-pdo |
| ||
| php-pgsql |
| ||
| php-process |
| ||
| php-pspell |
| ||
| php-recode |
| ||
| php-snmp |
| ||
| php-soap |
| ||
| php-xml |
| ||
| php-xmlrpc |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| file |
| ||
| file-debuginfo |
| ||
| file-devel |
| ||
| file-libs |
| ||
| file-static |
| ||
| php54 |
| ||
| php54-bcmath |
| ||
| php54-cli |
| ||
| php54-common |
| ||
| php54-dba |
| ||
| php54-debuginfo |
| ||
| php54-devel |
| ||
| php54-embedded |
| ||
| php54-enchant |
| ||
| php54-fpm |
| ||
| php54-gd |
| ||
| php54-imap |
| ||
| php54-intl |
| ||
| php54-ldap |
| ||
| php54-mbstring |
| ||
| php54-mcrypt |
| ||
| php54-mssql |
| ||
| php54-mysql |
| ||
| php54-mysqlnd |
| ||
| php54-odbc |
| ||
| php54-pdo |
| ||
| php54-pgsql |
| ||
| php54-process |
| ||
| php54-pspell |
| ||
| php54-recode |
| ||
| php54-snmp |
| ||
| php54-soap |
| ||
| php54-tidy |
| ||
| php54-xml |
| ||
| php54-xmlrpc |
| ||
| php55 |
| ||
| php55-bcmath |
| ||
| php55-cli |
| ||
| php55-common |
| ||
| php55-dba |
| ||
| php55-debuginfo |
| ||
| php55-devel |
| ||
| php55-embedded |
| ||
| php55-enchant |
| ||
| php55-fpm |
| ||
| php55-gd |
| ||
| php55-gmp |
| ||
| php55-imap |
| ||
| php55-intl |
| ||
| php55-ldap |
| ||
| php55-mbstring |
| ||
| php55-mcrypt |
| ||
| php55-mssql |
| ||
| php55-mysqlnd |
| ||
| php55-odbc |
| ||
| php55-opcache |
| ||
| php55-pdo |
| ||
| php55-pgsql |
| ||
| php55-process |
| ||
| php55-pspell |
| ||
| php55-recode |
| ||
| php55-snmp |
| ||
| php55-soap |
| ||
| php55-tidy |
| ||
| php55-xml |
| ||
| php55-xmlrpc |
| ||
| python-magic |
|
References