S-350: Vulnerabilities in Microsoft Office Filters
Multiple remote code execution vulnerabilities exists in the way that Microsoft Office filter handles images. An attacker could exploit the vulneraiblity by constructing a specially crafted Encapsulated PostScript (EPS) file that could allow remote code execution if a user opened the file with a Microsoft Office application. The risk is MEDIUM. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.
chfn(1) General Commands Manual chfn(1)Name
chfn - change system finger entry
Syntax
chfn [ loginname ]
Description
The command is used to change information about users. This information is used by the program, among others. It consists of the user's
real name, office room number, office phone number, and home phone number. The command prompts the user for each field. Included in the
prompt is a default value, which is enclosed between brackets. The default value is accepted simply by typing <CR>. To enter a blank
field, type the word `none'. This is an example:
% chfn
Changing finger information for doe
Name [John Doe]:
Office number [ABC-1/K0]: DEF-2/K1
Office Phone []: 1863
Home Phone [5771546]: none
The command allows phone numbers to be entered with or without hyphens. No entries may contain colons, commas, or control characters.
It is a good idea to run after running to make sure everything is the way you want it.
The optional argument loginname is used to change another person's finger information. This can only be done by the superuser.
Restrictions
The encoding of the office and extension information is installation dependent.
Because two users may try to write the file at once, a synchronization method was developed. On rare occasions, a message that the pass-
word file is "busy" will be printed. In this case, sleeps for a while and then tries to write to the file again.
If the passwd entry is distributed from another host will not modify it.
See Also
chsh(1), finger(1), passwd(1), passwd(5yp)chfn(1)