EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2016-1050)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote EulerOS host is missing multiple security updates.

Description :

According to the versions of the ghostscript packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

- It was found that the ghostscript functions getenv,
filenameforall and .libfile did not honor the -dSAFER
option, usually used when processing untrusted
documents, leading to information disclosure. A
specially crafted postscript document could read
environment variable, list directory and retrieve file
content respectively, from the target. (CVE-2013-5653,
CVE-2016-7977)

- It was found that the ghostscript function .setdevice
suffered a use-after-free vulnerability due to an
incorrect reference count. A specially crafted
postscript document could trigger code execution in the
context of the gs process. (CVE-2016-7978)

- It was found that the ghostscript function
.initialize_dsc_parser did not validate its parameter
before using it, allowing a type confusion flaw. A
specially crafted postscript document could cause a
crash code execution in the context of the gs process.
(CVE-2016-7979)

- It was found that ghostscript did not sufficiently
check the validity of parameters given to the
.sethalftone5 function. A specially crafted postscript
document could cause a crash, or execute arbitrary code
in the context of the gs process. (CVE-2016-8602)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?796ab07a

Solution :

Update the affected ghostscript packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Huawei Local Security Checks

Nessus Plugin ID: 99813 ()

Bugtraq ID:

CVE ID: CVE-2013-5653
CVE-2016-7977
CVE-2016-7978
CVE-2016-7979
CVE-2016-8602

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now