A flaw in the file command used in many Linux/Unix implementations may be exploited to run arbitrary binary code. The file command is used to identify a particular file based on the data it contains.
To download the Red Hat patch, see https://rhn.redhat.com/errata/RHSA-2003-086.html.
To download the Mandrake Linux patch, see http://nww1.com/go/0310BUG1A.html.
To download the EnGarde patch, see http://www.linuxsecurity.com/advisories/engarde_advisory-2945.html.
To download the OpenPKG patch, see http://www.openpkg.org/security/OpenPKG-SA-2003.017-file.html.