Vigil@nce - Fine Free file: denial of service via awk BEGIN
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to analyze a large file with
Fine Free file, in order to trigger a denial of service during the
AWK format detection.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 03/07/2014
DESCRIPTION OF THE VULNERABILITY
The Fine Free file (libmagic) program analyzes files, in order to
automatically recognize their type. The PHP Fileinfo module also
uses libmagic.
AWK scripts are recognizable by the "BEGIN " keyword that opens their
initialization block. The Fine Free file program therefore uses the
following regular expression to detect AWK scripts (MIME type text/x-awk):
\s*BEGIN\s*[]
However, if the file contains numerous line feeds, matching this regular
expression is slow: every line feed is a candidate starting point for
"\s*", and each attempt backtracks across the remaining whitespace when
no "BEGIN" follows, so the cost grows with the square of the file size.
An attacker can therefore invite the victim to analyze a large
file with Fine Free file, in order to trigger a denial of service
during the AWK format detection.
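As an added illustration (not code from the bulletin or from the Fine Free file project), the Python script below places the vulnerable detection pattern beside two mitigated forms and lets you compare them on the kind of input the bulletin describes. The bulletin prints the magic pattern as `\s*BEGIN\s*[]`; the character class is assumed here to be `[{]`, matching awk's `BEGIN {` syntax, and the 4096-byte scan window is an assumed value, not one the bulletin states. The test inputs are constructed for this example.

```python
import re
import time

# Added example, not libmagic's code. The bulletin prints the magic pattern as
# "\s*BEGIN\s*[]"; the character class is assumed here to be "[{]".
AWK_PATTERN_SLOW = re.compile(rb"\s*BEGIN\s*[{]")

# Hardened pattern: in an unanchored search the leading \s* is redundant, since
# it may match the empty string, so dropping it detects exactly the same inputs
# while letting the engine scan for the literal "BEGIN" in linear time.
AWK_PATTERN_FAST = re.compile(rb"BEGIN\s*[{]")

# Assumed bound on the number of bytes examined (second, independent mitigation).
SCAN_LIMIT = 4096


def detect_awk_slow(data: bytes) -> bool:
    """Vulnerable form: unanchored search with a leading \\s* over the whole file."""
    return AWK_PATTERN_SLOW.search(data) is not None


def detect_awk_bounded(data: bytes, limit: int = SCAN_LIMIT) -> bool:
    """Mitigation 1: same pattern, but only the first `limit` bytes are scanned,
    so the worst-case work is bounded regardless of file size."""
    return AWK_PATTERN_SLOW.search(data[:limit]) is not None


def detect_awk_fast(data: bytes) -> bool:
    """Mitigation 2: pattern rewritten without the leading \\s*."""
    return AWK_PATTERN_FAST.search(data) is not None


def timed(fn, data: bytes):
    """Return (detection result, elapsed seconds) for one call of fn on data."""
    start = time.perf_counter()
    result = fn(data)
    return result, time.perf_counter() - start


def worst_case_input(n: int) -> bytes:
    """Constructed input of the kind the bulletin describes: a file made only of
    line feeds. Every position can start a \\s* match and none is followed by
    BEGIN, so the unbounded, leading-\\s* pattern does O(n^2) work."""
    return b"\n" * n


if __name__ == "__main__":
    # Constructed samples: a genuine awk script and a line-feed-only file.
    script = b"#!/usr/bin/awk -f\n\nBEGIN { print \"hello\" }\n"
    hostile = worst_case_input(40_000)
    for name, fn in [("slow", detect_awk_slow),
                     ("bounded", detect_awk_bounded),
                     ("fast", detect_awk_fast)]:
        found, secs = timed(fn, script)
        print(f"{name:8s} script:  detected={found} in {secs:.6f}s")
        found, secs = timed(fn, hostile)
        print(f"{name:8s} hostile: detected={found} in {secs:.6f}s")
```

Running the script prints the three detectors agreeing on the genuine awk file, while only the unbounded, leading-`\s*` form takes noticeable time on the line-feed file, and that time grows quadratically as the `worst_case_input` size is raised. The bounded variant trades a fixed scan window for predictable cost (a `BEGIN` block past the window goes undetected, which is the accepted trade-off of a magic-number check); the rewritten pattern keeps full coverage because a regex search already tries every offset, so the leading `\s*` added nothing but backtracking.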
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Fine-Free-file-denial-of-service-via-awk-BEGIN-14984