Vulnerabilities > CVE-2012-4405 - Numeric Errors vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2012-13839.NASL description This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-09-29 plugin id 62377 published 2012-09-29 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62377 title Fedora 16 : ghostscript-9.05-2.fc16 (2012-13839) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2012-13839. # include("compat.inc"); if (description) { script_id(62377); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"FEDORA", value:"2012-13839"); script_name(english:"Fedora 16 : ghostscript-9.05-2.fc16 (2012-13839)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854227" ); # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088572.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c553d20b" ); script_set_attribute( attribute:"solution", value:"Update the affected ghostscript package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ghostscript"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/29"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^16([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC16", reference:"ghostscript-9.05-2.fc16")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript"); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-668.NASL description The following security issue was fixed in ghostscript : Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. last seen 2020-06-05 modified 2014-06-13 plugin id 74770 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74770 title openSUSE Security Update : ghostscript (openSUSE-SU-2012:1289-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2012-668. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(74770); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-4405"); script_name(english:"openSUSE Security Update : ghostscript (openSUSE-SU-2012:1289-1)"); script_summary(english:"Check for the openSUSE-2012-668 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The following security issue was fixed in ghostscript : Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=779700" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2012-10/msg00014.html" ); script_set_attribute( attribute:"solution", value:"Update the affected ghostscript packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-fonts-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-fonts-std"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-library"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-library-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-library-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-x11"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpprint"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpprint-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpprint-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-devel-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-fonts-other-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-fonts-rus-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-fonts-std-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-ijs-devel-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-library-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-library-debuginfo-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-library-debugsource-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-x11-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"ghostscript-x11-debuginfo-9.00-4.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgimpprint-4.2.7-334.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgimpprint-debuginfo-4.2.7-334.48.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgimpprint-devel-4.2.7-334.48.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2012-151.NASL description A security issue was identified and fixed in ghostscript : An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-06-01 modified 2020-06-02 plugin id 62445 published 2012-10-06 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62445 title Mandriva Linux Security Advisory : ghostscript (MDVSA-2012:151-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2012:151. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(62445); script_version("1.8"); script_cvs_date("Date: 2019/08/02 13:32:54"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"MDVSA", value:"2012:151-1"); script_name(english:"Mandriva Linux Security Advisory : ghostscript (MDVSA-2012:151-1)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A security issue was identified and fixed in ghostscript : An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript (CVE-2012-4405). The updated packages have been patched to correct this issue." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ghostscript"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ghostscript-X"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ghostscript-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ghostscript-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ghostscript-dvipdf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ghostscript-module-X"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gs9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ijs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ijs1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgs9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libijs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libijs1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011"); script_set_attribute(attribute:"patch_publication_date", value:"2012/10/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/10/06"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2011", reference:"ghostscript-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"ghostscript-X-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"ghostscript-common-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"ghostscript-doc-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"ghostscript-dvipdf-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"ghostscript-module-X-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64gs-devel-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64gs9-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64ijs-devel-0.35-76.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64ijs1-0.35-76.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libgs-devel-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libgs9-9.02-1.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libijs-devel-0.35-76.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libijs1-0.35-76.1-mdv2011.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-1256.NASL description Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-06-01 modified 2020-06-02 plugin id 62056 published 2012-09-12 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62056 title RHEL 5 / 6 : ghostscript (RHSA-2012:1256) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2012:1256. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(62056); script_version ("1.21"); script_cvs_date("Date: 2019/10/24 15:35:36"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"RHSA", value:"2012:1256"); script_name(english:"RHEL 5 / 6 : ghostscript (RHSA-2012:1256)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405) Red Hat would like to thank Marc Schonefeld for reporting this issue. Users of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2012:1256" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2012-4405" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ghostscript"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ghostscript-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ghostscript-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.3"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/18"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2012:1256"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL5", reference:"ghostscript-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"RHEL5", reference:"ghostscript-debuginfo-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"RHEL5", reference:"ghostscript-devel-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"ghostscript-gtk-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"ghostscript-gtk-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"ghostscript-gtk-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"RHEL6", reference:"ghostscript-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", reference:"ghostscript-debuginfo-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", reference:"ghostscript-devel-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ghostscript-doc-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ghostscript-doc-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ghostscript-doc-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ghostscript-gtk-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ghostscript-gtk-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ghostscript-gtk-8.70-14.el6_3.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript / ghostscript-debuginfo / ghostscript-devel / etc"); } }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201412-17.NASL description The remote host is affected by the vulnerability described in GLSA-201412-17 (GPL Ghostscript: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 79970 published 2014-12-15 reporter This script is Copyright (C) 2014-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79970 title GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201412-17. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(79970); script_version("$Revision: 1.4 $"); script_cvs_date("$Date: 2016/11/11 20:19:25 $"); script_cve_id("CVE-2009-0196", "CVE-2009-0792", "CVE-2009-3743", "CVE-2009-4270", "CVE-2009-4897", "CVE-2010-1628", "CVE-2010-2055", "CVE-2010-4054", "CVE-2012-4405"); script_bugtraq_id(34184, 34445, 37410, 40107, 40467, 41593, 42640, 43932, 55494); script_xref(name:"GLSA", value:"201412-17"); script_name(english:"GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201412-17 (GPL Ghostscript: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201412-17" ); script_set_attribute( attribute:"solution", value: "All GPL Ghostscript users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/ghostscript-gpl-9.10-r2'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ghostscript-gpl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/12/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-text/ghostscript-gpl", unaffected:make_list("ge 9.10-r2"), vulnerable:make_list("lt 9.10-r2"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "GPL Ghostscript"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2595.NASL description Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code. last seen 2020-03-17 modified 2012-12-31 plugin id 63358 published 2012-12-31 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63358 title Debian DSA-2595-1 : ghostscript - integer overflow code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2595. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(63358); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"DSA", value:"2595"); script_name(english:"Debian DSA-2595-1 : ghostscript - integer overflow"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/ghostscript" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2012/dsa-2595" ); script_set_attribute( attribute:"solution", value: "Upgrade the ghostscript packages. For the stable distribution (squeeze), this problem has been fixed in version 8.71~dfsg2-9+squeeze1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:ghostscript"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2012/12/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/12/31"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"ghostscript", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"ghostscript-cups", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"ghostscript-doc", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"ghostscript-x", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"gs-common", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"gs-esp", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"gs-gpl", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"libgs-dev", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"libgs8", reference:"8.71~dfsg2-9+squeeze1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Fedora Local Security Checks NASL id FEDORA_2012-13846.NASL description This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-09-29 plugin id 62378 published 2012-09-29 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62378 title Fedora 17 : ghostscript-9.05-4.fc17 (2012-13846) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2012-13846. # include("compat.inc"); if (description) { script_id(62378); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"FEDORA", value:"2012-13846"); script_name(english:"Fedora 17 : ghostscript-9.05-4.fc17 (2012-13846)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854227" ); # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088564.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1b3f2252" ); script_set_attribute( attribute:"solution", value:"Update the affected ghostscript package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ghostscript"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:17"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/29"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^17([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 17.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC17", reference:"ghostscript-9.05-4.fc17")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript"); }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-1256.NASL description Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-06-01 modified 2020-06-02 plugin id 62048 published 2012-09-12 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62048 title CentOS 5 / 6 : ghostscript (CESA-2012:1256) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2012:1256 and # CentOS Errata and Security Advisory 2012:1256 respectively. # include("compat.inc"); if (description) { script_id(62048); script_version("1.14"); script_cvs_date("Date: 2020/01/07"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"RHSA", value:"2012:1256"); script_name(english:"CentOS 5 / 6 : ghostscript (CESA-2012:1256)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405) Red Hat would like to thank Marc Schonefeld for reporting this issue. Users of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue." ); # https://lists.centos.org/pipermail/centos-announce/2012-September/018862.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a3b3a5fe" ); # https://lists.centos.org/pipermail/centos-announce/2012-September/018864.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f6816cc4" ); script_set_attribute( attribute:"solution", value:"Update the affected ghostscript packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4405"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ghostscript"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ghostscript-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ghostscript-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ghostscript-gtk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/18"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x / 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-5", reference:"ghostscript-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"CentOS-5", reference:"ghostscript-devel-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"CentOS-5", reference:"ghostscript-gtk-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"CentOS-6", reference:"ghostscript-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"CentOS-6", reference:"ghostscript-devel-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"CentOS-6", reference:"ghostscript-doc-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"CentOS-6", reference:"ghostscript-gtk-8.70-14.el6_3.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk"); }
NASL family SuSE Local Security Checks NASL id SUSE_GHOSTSCRIPT-FONTS-OTHER-8290.NASL description This update fixes an array index error leading to a heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been assigned to this issue. last seen 2020-06-05 modified 2012-09-20 plugin id 62210 published 2012-09-20 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62210 title SuSE 10 Security Update : ghostscript (ZYPP Patch Number 8290) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(62210); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-4405"); script_name(english:"SuSE 10 Security Update : ghostscript (ZYPP Patch Number 8290)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update fixes an array index error leading to a heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been assigned to this issue." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-4405.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8290."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:4, reference:"ghostscript-fonts-other-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"ghostscript-fonts-std-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"ghostscript-library-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"ghostscript-x11-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"libgimpprint-4.2.7-62.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"ghostscript-fonts-other-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"ghostscript-fonts-rus-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"ghostscript-fonts-std-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"ghostscript-library-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"ghostscript-omni-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"ghostscript-x11-8.15.4-16.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"libgimpprint-4.2.7-62.28.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"libgimpprint-devel-4.2.7-62.28.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1581-1.NASL description Marc Schonefeld discovered that Ghostscript did not correctly handle certain image files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 62290 published 2012-09-25 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62290 title Ubuntu 8.04 LTS / 10.04 LTS : ghostscript vulnerability (USN-1581-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-1581-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(62290); script_version("1.9"); script_cvs_date("Date: 2019/09/19 12:54:28"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"USN", value:"1581-1"); script_name(english:"Ubuntu 8.04 LTS / 10.04 LTS : ghostscript vulnerability (USN-1581-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Marc Schonefeld discovered that Ghostscript did not correctly handle certain image files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/1581-1/" ); script_set_attribute( attribute:"solution", value:"Update the affected libgs8 package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgs8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/18"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/25"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(8\.04|10\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 10.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"8.04", pkgname:"libgs8", pkgver:"8.61.dfsg.1-1ubuntu3.5")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"libgs8", pkgver:"8.71.dfsg.1-0ubuntu5.5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libgs8"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_GHOSTSCRIPT-DEVEL-120912.NASL description This update fixes an array index error leading to a heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been assigned to this issue. last seen 2020-06-05 modified 2013-01-25 plugin id 64146 published 2013-01-25 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64146 title SuSE 11.2 Security Update : ghostscript (SAT Patch Number 6813) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(64146); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-4405"); script_name(english:"SuSE 11.2 Security Update : ghostscript (SAT Patch Number 6813)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update fixes an array index error leading to a heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been assigned to this issue." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=779700" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-4405.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 6813."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:ghostscript-library"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:ghostscript-omni"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:ghostscript-x11"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libgimpprint"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2"); flag = 0; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"ghostscript-fonts-other-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"ghostscript-fonts-rus-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"ghostscript-fonts-std-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"ghostscript-library-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"ghostscript-omni-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"ghostscript-x11-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"libgimpprint-4.2.7-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"ghostscript-fonts-other-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"ghostscript-fonts-rus-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"ghostscript-fonts-std-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"ghostscript-library-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"ghostscript-omni-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"ghostscript-x11-8.62-32.34.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"libgimpprint-4.2.7-32.34.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"ghostscript-fonts-other-8.62-32.34.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"ghostscript-fonts-rus-8.62-32.34.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"ghostscript-fonts-std-8.62-32.34.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"ghostscript-library-8.62-32.34.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"ghostscript-omni-8.62-32.34.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"ghostscript-x11-8.62-32.34.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"libgimpprint-4.2.7-32.34.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-1256.NASL description From Red Hat Security Advisory 2012:1256 : Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-06-01 modified 2020-06-02 plugin id 68616 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68616 title Oracle Linux 5 / 6 : ghostscript (ELSA-2012-1256) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2012:1256 and # Oracle Linux Security Advisory ELSA-2012-1256 respectively. # include("compat.inc"); if (description) { script_id(68616); script_version("1.9"); script_cvs_date("Date: 2019/09/30 10:58:17"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"RHSA", value:"2012:1256"); script_name(english:"Oracle Linux 5 / 6 : ghostscript (ELSA-2012-1256)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2012:1256 : Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405) Red Hat would like to thank Marc Schonefeld for reporting this issue. Users of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2012-September/003017.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2012-September/003019.html" ); script_set_attribute( attribute:"solution", value:"Update the affected ghostscript packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ghostscript"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ghostscript-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ghostscript-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ghostscript-gtk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/18"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5 / 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL5", reference:"ghostscript-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"EL5", reference:"ghostscript-devel-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"EL5", reference:"ghostscript-gtk-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"EL6", reference:"ghostscript-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"EL6", reference:"ghostscript-devel-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"EL6", reference:"ghostscript-doc-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"EL6", reference:"ghostscript-gtk-8.70-14.el6_3.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk"); }
NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2012-127.NASL description An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-06-01 modified 2020-06-02 plugin id 69617 published 2013-09-04 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69617 title Amazon Linux AMI : ghostscript (ALAS-2012-127) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2012-127. # include("compat.inc"); if (description) { script_id(69617); script_version("1.6"); script_cvs_date("Date: 2018/04/18 15:09:34"); script_cve_id("CVE-2012-4405"); script_xref(name:"ALAS", value:"2012-127"); script_xref(name:"RHSA", value:"2012:1256"); script_name(english:"Amazon Linux AMI : ghostscript (ALAS-2012-127)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)" ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2012-127.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update ghostscript' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ghostscript"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ghostscript-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ghostscript-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ghostscript-doc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"ghostscript-8.70-15.22.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"ghostscript-debuginfo-8.70-15.22.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"ghostscript-devel-8.70-15.22.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"ghostscript-doc-8.70-15.22.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript / ghostscript-debuginfo / ghostscript-devel / etc"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2013-090.NASL description A security issue was identified and fixed in argyllcms : An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-06-01 modified 2020-06-02 plugin id 66102 published 2013-04-20 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/66102 title Mandriva Linux Security Advisory : argyllcms (MDVSA-2013:090) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2013:090. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(66102); script_version("1.7"); script_cvs_date("Date: 2019/08/02 13:32:55"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"MDVSA", value:"2013:090"); script_xref(name:"MGASA", value:"2012-0301"); script_name(english:"Mandriva Linux Security Advisory : argyllcms (MDVSA-2013:090)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Mandriva Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "A security issue was identified and fixed in argyllcms : An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript (CVE-2012-4405). The updated packages have been patched to correct this issue." ); script_set_attribute( attribute:"solution", value:"Update the affected argyllcms package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:argyllcms"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/04/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"argyllcms-1.4.0-2.1.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-669.NASL description The following security issue was fixed in ghostscript : Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. last seen 2020-06-05 modified 2014-06-13 plugin id 74771 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74771 title openSUSE Security Update : ghostscript-library (openSUSE-SU-2012:1290-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2012-669. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(74771); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-4405"); script_name(english:"openSUSE Security Update : ghostscript-library (openSUSE-SU-2012:1290-1)"); script_summary(english:"Check for the openSUSE-2012-669 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The following security issue was fixed in ghostscript : Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=779700" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2012-10/msg00015.html" ); script_set_attribute( attribute:"solution", value:"Update the affected ghostscript-library packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-fonts-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-fonts-std"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-library"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-library-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-library-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-mini"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-mini-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-mini-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-x11"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpprint"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpprint-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgimpprint-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-devel-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-fonts-other-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-fonts-rus-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-fonts-std-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-ijs-devel-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-library-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-library-debuginfo-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-library-debugsource-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-mini-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-mini-debuginfo-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-mini-debugsource-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-x11-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"ghostscript-x11-debuginfo-9.00-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgimpprint-4.2.7-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgimpprint-debuginfo-4.2.7-13.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgimpprint-devel-4.2.7-13.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript-library"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2013-089.NASL description A security issue was identified and fixed in icclib : An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-06-01 modified 2020-06-02 plugin id 66101 published 2013-04-20 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/66101 title Mandriva Linux Security Advisory : icclib (MDVSA-2013:089) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2013:089. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(66101); script_version("1.7"); script_cvs_date("Date: 2019/08/02 13:32:55"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"MDVSA", value:"2013:089"); script_xref(name:"MGASA", value:"2012-0301"); script_name(english:"Mandriva Linux Security Advisory : icclib (MDVSA-2013:089)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A security issue was identified and fixed in icclib : An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript (CVE-2012-4405). The updated packages have been patched to correct this issue." ); script_set_attribute( attribute:"solution", value: "Update the affected icclib, lib64icc-devel and / or lib64icc2 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:icclib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64icc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64icc2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/04/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"icclib-2.13-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64icc-devel-2.13-2.1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64icc2-2.13-2.1.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201402-29.NASL description The remote host is affected by the vulnerability described in GLSA-201402-29 (ArgyllCMS: User-assisted execution of arbitrary code) Multiple integer overflow vulnerabilities have been discovered in the ICC Format Library in ArgyllCMS. Impact : A remote attacker could entice a user to open a specially crafted image file using ArgyllCMS, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 72756 published 2014-03-02 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72756 title GLSA-201402-29 : ArgyllCMS: User-assisted execution of arbitrary code code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201402-29. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(72756); script_version("1.5"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2012-4405"); script_bugtraq_id(55494); script_xref(name:"GLSA", value:"201402-29"); script_name(english:"GLSA-201402-29 : ArgyllCMS: User-assisted execution of arbitrary code"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201402-29 (ArgyllCMS: User-assisted execution of arbitrary code) Multiple integer overflow vulnerabilities have been discovered in the ICC Format Library in ArgyllCMS. Impact : A remote attacker could entice a user to open a specially crafted image file using ArgyllCMS, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201402-29" ); script_set_attribute( attribute:"solution", value: "All ArgyllCMS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/argyllcms-1.4.0-r1'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:argyllcms"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"media-gfx/argyllcms", unaffected:make_list("ge 1.4.0-r1"), vulnerable:make_list("lt 1.4.0-r1"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ArgyllCMS"); }
NASL family Scientific Linux Local Security Checks NASL id SL_20120911_GHOSTSCRIPT_ON_SL5_X.NASL description Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript last seen 2020-03-18 modified 2012-09-12 plugin id 62057 published 2012-09-12 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62057 title Scientific Linux Security Update : ghostscript on SL5.x, SL6.x i386/x86_64 (20120911) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(62057); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-4405"); script_name(english:"Scientific Linux Security Update : ghostscript on SL5.x, SL6.x i386/x86_64 (20120911)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405) Users of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=1237 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?97eaf61f" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ghostscript"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ghostscript-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ghostscript-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ghostscript-gtk"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/18"); script_set_attribute(attribute:"patch_publication_date", value:"2012/09/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"ghostscript-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"SL5", reference:"ghostscript-devel-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"SL5", reference:"ghostscript-gtk-8.70-14.el5_8.1")) flag++; if (rpm_check(release:"SL6", reference:"ghostscript-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"SL6", reference:"ghostscript-devel-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"SL6", reference:"ghostscript-doc-8.70-14.el6_3.1")) flag++; if (rpm_check(release:"SL6", reference:"ghostscript-gtk-8.70-14.el6_3.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk"); }
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://rhn.redhat.com/errata/RHSA-2012-1256.html
- http://www.securityfocus.com/bid/55494
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:151
- http://www.securitytracker.com/id?1027517
- http://www.openwall.com/lists/oss-security/2012/09/11/2
- http://www.ubuntu.com/usn/USN-1581-1
- http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00001.html
- http://lists.opensuse.org/opensuse-updates/2012-10/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.html
- http://secunia.com/advisories/50719
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:090
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:089
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301
- http://security.gentoo.org/glsa/glsa-201412-17.xml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78411