Vulnerabilities > CVE-2005-2536 - Unspecified vulnerability in Pstotext
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
pstotext before 1.8g does not properly use the "-dSAFER" option when calling Ghostscript to extract plain text from PostScript and PDF files, which allows remote attackers to execute arbitrary commands via a malicious PostScript file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200507-29.NASL description The remote host is affected by the vulnerability described in GLSA-200507-29 (pstotext: Remote execution of arbitrary code) Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. Impact : An attacker could craft a malicious PostScript file and entice a user to run pstotext on it, resulting in the execution of arbitrary commands with the permissions of the user running pstotext. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 19360 published 2005-08-01 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/19360 title GLSA-200507-29 : pstotext: Remote execution of arbitrary code NASL family Debian Local Security Checks NASL id DEBIAN_DSA-792.NASL description Max Vozeler discovered that pstotext, a utility to extract text from PostScript and PDF files, did not execute ghostscript with the -dSAFER argument, which prevents potential malicious operations to happen. last seen 2020-06-01 modified 2020-06-02 plugin id 19562 published 2005-09-06 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19562 title Debian DSA-792-1 : pstotext - missing input sanitising
References
- http://secunia.com/advisories/16183/
- http://secunia.com/advisories/16305
- http://secunia.com/advisories/16624
- http://www.debian.org/security/2005/dsa-792
- http://www.gentoo.org/security/en/glsa/glsa-200507-29.xml
- http://www.securityfocus.com/bid/14378
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21498