CVE-2013-7345
file: extensive backtracking in awk rule regular expression
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
La expresión regular BEGIN en el detector de script de awk en el archivo magic/Magdir/commands anterior a 5.15 utiliza múltiples comodines con repeticiones ilimitadas, lo que permite a atacantes dependientes de contexto causar una denegación de servicio (consumo de CPU) a través de un archivo ASCII manipulado que provoca una gran cantidad de retroceso, como se demostró a través de un archivo con muchos caracteres de nueva línea.
A denial of service flaw was found in the File Information (fileinfo) extension rules for detecting AWK files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of CPU.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-03-23 CVE Reserved
- 2014-03-23 CVE Published
- 2023-11-03 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-407: Inefficient Algorithmic Complexity
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://support.apple.com/kb/HT6443 | Third Party Advisory | |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993 | Issue Tracking |
URL | Date | SRC |
---|---|---|
http://bugs.gw.com/view.php?id=164 | 2024-08-06 | |
https://github.com/file/file/commit/ef2329cf71acb59204dd981e2c6cce6c81fe467c | 2024-08-06 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2014-1765.html | 2022-10-31 | |
http://www.debian.org/security/2014/dsa-2873 | 2022-10-31 | |
https://access.redhat.com/security/cve/CVE-2013-7345 | 2014-10-30 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1079846 | 2014-10-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | < 5.15 Search vendor "Christos Zoulas" for product "File" and version " < 5.15" | - |
Affected
| ||||||
Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.4.0 < 5.4.27 Search vendor "Php" for product "Php" and version " >= 5.4.0 < 5.4.27" | - |
Affected
| ||||||
Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.5.0 < 5.5.11 Search vendor "Php" for product "Php" and version " >= 5.5.0 < 5.5.11" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 6.0 Search vendor "Debian" for product "Debian Linux" and version "6.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
|