DATABASE RESOURCES PRICING ABOUT US

{"id": "FEDORA:C40526079A07", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 23 Update: ghostscript-9.20-5.fc23", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "published": "2016-11-24T08:27:12", "modified": "2016-11-24T08:27:12", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/N4ABJYWW2PTMKTTPCS6TGTVPLR5WMCPD/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "immutableFields": [], "lastseen": "2020-12-21T08:17:53", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2017-784"]}, {"type": "centos", "idList": ["CESA-2017:0013", "CESA-2017:0014"]}, {"type": "cve", "idList": ["CVE-2016-7977", "CVE-2016-8602"]}, {"type": "debian", "idList": ["DEBIAN:DLA-674-1:A5970", "DEBIAN:DSA-3691-1:07C6A", "DEBIAN:DSA-3691-1:BD2E4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-7977", "DEBIANCVE:CVE-2016-8602", "DEBIANCVE:CVE-2018-11645"]}, {"type": "f5", "idList": ["F5:K30552262"]}, {"type": "fedora", "idList": ["FEDORA:57490608BFE3", "FEDORA:8294F6042B20", "FEDORA:DBE56606E607", "FEDORA:DCA23608A1F6", "FEDORA:ED16260620D6"]}, {"type": "gentoo", "idList": ["GLSA-201702-31"]}, {"type": "ibm", "idList": ["15979D359BB848CC1BFF0D3C139D27D860BC5601AF65EB49057BAC8F1882FE0C"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/DEBIAN-CVE-2016-8602/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2017-784.NASL", "CENTOS_RHSA-2017-0013.NASL", "CENTOS_RHSA-2017-0014.NASL", "DEBIAN_DSA-3691.NASL", "EULEROS_SA-2016-1050.NASL", "EULEROS_SA-2021-1788.NASL", "FEDORA_2016-15D4C05A19.NASL", "FEDORA_2016-1C13825502.NASL", "FEDORA_2016-2DF27A2224.NASL", "FEDORA_2016-3DAD5DFD03.NASL", "FEDORA_2016-53E8AA35F6.NASL", "FEDORA_2016-62F2B66ED1.NASL", "GENTOO_GLSA-201702-31.NASL", "OPENSUSE-2016-1237.NASL", "OPENSUSE-2016-1258.NASL", "ORACLELINUX_ELSA-2017-0013.NASL", "ORACLELINUX_ELSA-2017-0014.NASL", "ORACLEVM_OVMSA-2017-0002.NASL", "REDHAT-RHSA-2017-0013.NASL", "REDHAT-RHSA-2017-0014.NASL", "SL_20170104_GHOSTSCRIPT_ON_SL6_X.NASL", "SL_20170104_GHOSTSCRIPT_ON_SL7_X.NASL", "SUSE_SU-2016-2493-1.NASL", "SUSE_SU-2016-2654-1.NASL", "SUSE_SU-2016-2723-1.NASL", "UBUNTU_USN-3148-1.NASL", "VIRTUOZZO_VZLSA-2017-0013.NASL", "VIRTUOZZO_VZLSA-2017-0014.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703691", "OPENVAS:1361412562310809941", "OPENVAS:1361412562310809977", "OPENVAS:1361412562310810124", "OPENVAS:1361412562310810193", "OPENVAS:1361412562310843766", "OPENVAS:1361412562310851424", "OPENVAS:1361412562310871736", "OPENVAS:1361412562310871737", "OPENVAS:1361412562310871895", "OPENVAS:1361412562310872054", "OPENVAS:1361412562310882623", "OPENVAS:1361412562310882624", "OPENVAS:1361412562311220161050", "OPENVAS:1361412562311220192151", "OPENVAS:1361412562311220201240", "OPENVAS:1361412562311220201499", "OPENVAS:703691"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2018", "ORACLE:CPUJAN2018-3236628"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0013", "ELSA-2017-0014", "ELSA-2017-2180"]}, {"type": "redhat", "idList": ["RHSA-2017:0013", "RHSA-2017:0014"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-7977", "RH:CVE-2016-8602"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:2648-1", "SUSE-SU-2016:2493-1"]}, {"type": "ubuntu", "idList": ["USN-3148-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-7977", "UB:CVE-2016-8602"]}]}, "score": {"value": 5.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2017:0013", "CESA-2017:0014"]}, {"type": "cve", "idList": ["CVE-2016-7977"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3691-1:07C6A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-7977"]}, {"type": "fedora", "idList": ["FEDORA:DBE56606E607"]}, {"type": "nessus", "idList": ["FEDORA_2016-2DF27A2224.NASL", "OPENSUSE-2016-1237.NASL", "SUSE_SU-2016-2654-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220201240"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2018"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0014"]}, {"type": "redhat", "idList": ["RHSA-2017:0014"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-7977"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:2648-1"]}, {"type": "ubuntu", "idList": ["USN-3148-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-7977"]}]}, "exploitation": null, "vulnersScore": 5.4}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "23", "arch": "any", "packageName": "ghostscript", "packageVersion": "9.20", "packageFilename": "UNKNOWN", "operator": "lt"}]}

{"openvas": [{"lastseen": "2019-05-29T18:35:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2016-62f2b66ed1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871895", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871895", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2016-62f2b66ed1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871895\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:19:50 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-8602\", \"CVE-2016-7977\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ghostscript FEDORA-2016-62f2b66ed1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-62f2b66ed1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBEDHHGKZP4TJOWBL2RD44K42LF4NYEU\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.20~4.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2016-3dad5dfd03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810193", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810193", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2016-3dad5dfd03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810193\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:04:22 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-8602\", \"CVE-2016-7977\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ghostscript FEDORA-2016-3dad5dfd03\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-3dad5dfd03\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAX3YEE2SS5UUT4SRP4SJEIC4UUOPPUT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.20~5.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2016-15d4c05a19", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810124", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810124", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2016-15d4c05a19\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810124\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:04:38 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-8602\", \"CVE-2016-7977\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ghostscript FEDORA-2016-15d4c05a19\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-15d4c05a19\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ABJYWW2PTMKTTPCS6TGTVPLR5WMCPD\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.20~5.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:13", "description": "Check the version of ghostscript", "cvss3": {}, "published": "2017-01-05T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2017:0014 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882623", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882623", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2017:0014 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882623\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-05 05:42:43 +0100 (Thu, 05 Jan 2017)\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for ghostscript CESA-2017:0014 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of ghostscript\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Ghostscript suite contains utilities\nfor rendering PostScript and PDF documents. Ghostscript translates PostScript\ncode to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n * It was found that the ghostscript functions getenv, filenameforall and\n.libfile did not honor the -dSAFER option, usually used when processing\nuntrusted documents, leading to information disclosure. A specially crafted\npostscript document could read environment variable, list directory and\nretrieve file content respectively, from the target. (CVE-2013-5653,\nCVE-2016-7977)\n\n * It was found that the ghostscript function .initialize_dsc_parser did not\nvalidate its parameter before using it, allowing a type confusion flaw. A\nspecially crafted postscript document could cause a crash code execution in\nthe context of the gs process. (CVE-2016-7979)\n\n * It was found that ghostscript did not sufficiently check the validity of\nparameters given to the .sethalftone5 function. A specially crafted\npostscript document could cause a crash, or execute arbitrary code in the\ncontext of the gs process. (CVE-2016-8602)\");\n script_tag(name:\"affected\", value:\"ghostscript on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0014\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-January/022191.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~21.el6_8.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.70~21.el6_8.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.70~21.el6_8.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.70~21.el6_8.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-05T00:00:00", "type": "openvas", "title": "RedHat Update for ghostscript RHSA-2017:0014-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871736", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871736", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ghostscript RHSA-2017:0014-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871736\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-05 05:42:21 +0100 (Thu, 05 Jan 2017)\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for ghostscript RHSA-2017:0014-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Ghostscript suite contains utilities for rendering PostScript and PDF\ndocuments. Ghostscript translates PostScript code to common bitmap formats\nso that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n * It was found that the ghostscript functions getenv, filenameforall and\n.libfile did not honor the -dSAFER option, usually used when processing\nuntrusted documents, leading to information disclosure. A specially crafted\npostscript document could read environment variable, list directory and\nretrieve file content respectively, from the target. (CVE-2013-5653,\nCVE-2016-7977)\n\n * It was found that the ghostscript function .initialize_dsc_parser did not\nvalidate its parameter before using it, allowing a type confusion flaw. A\nspecially crafted postscript document could cause a crash code execution in\nthe context of the gs process. (CVE-2016-7979)\n\n * It was found that ghostscript did not sufficiently check the validity of\nparameters given to the .sethalftone5 function. A specially crafted\npostscript document could cause a crash, or execute arbitrary code in the\ncontext of the gs process. (CVE-2016-8602)\");\n script_tag(name:\"affected\", value:\"ghostscript on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0014-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00005.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.70~21.el6_8.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.70~21.el6_8.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:36:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2016-1050)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161050", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161050", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1050\");\n script_version(\"2020-01-23T10:41:04+0000\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:41:04 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:41:04 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2016-1050)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1050\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1050\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ghostscript' package(s) announced via the EulerOS-SA-2016-1050 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\nIt was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\nIt was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\nIt was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)\");\n\n script_tag(name:\"affected\", value:\"'ghostscript' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.07~20.1.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-cups\", rpm:\"ghostscript-cups~9.07~20.1.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:21", "description": "Check the version of ghostscript", "cvss3": {}, "published": "2017-01-05T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2017:0013 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882624", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882624", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2017:0013 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882624\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-05 05:42:48 +0100 (Thu, 05 Jan 2017)\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\",\n \"CVE-2016-8602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for ghostscript CESA-2017:0013 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of ghostscript\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Ghostscript suite contains utilities\nfor rendering PostScript and PDF documents. Ghostscript translates PostScript\ncode to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n * It was found that the ghostscript functions getenv, filenameforall and\n.libfile did not honor the -dSAFER option, usually used when processing\nuntrusted documents, leading to information disclosure. A specially crafted\npostscript document could read environment variable, list directory and\nretrieve file content respectively, from the target. (CVE-2013-5653,\nCVE-2016-7977)\n\n * It was found that the ghostscript function .setdevice suffered a\nuse-after-free vulnerability due to an incorrect reference count. A\nspecially crafted postscript document could trigger code execution in the\ncontext of the gs process. (CVE-2016-7978)\n\n * It was found that the ghostscript function .initialize_dsc_parser did not\nvalidate its parameter before using it, allowing a type confusion flaw. A\nspecially crafted postscript document could cause a crash code execution in\nthe context of the gs process. (CVE-2016-7979)\n\n * It was found that ghostscript did not sufficiently check the validity of\nparameters given to the .sethalftone5 function. A specially crafted\npostscript document could cause a crash, or execute arbitrary code in the\ncontext of the gs process. (CVE-2016-8602)\");\n script_tag(name:\"affected\", value:\"ghostscript on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0013\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-January/022192.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.07~20.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-cups\", rpm:\"ghostscript-cups~9.07~20.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~9.07~20.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~9.07~20.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~9.07~20.el7_3.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-05T00:00:00", "type": "openvas", "title": "RedHat Update for ghostscript RHSA-2017:0013-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871737", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871737", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ghostscript RHSA-2017:0013-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871737\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-05 05:42:26 +0100 (Thu, 05 Jan 2017)\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for ghostscript RHSA-2017:0013-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Ghostscript suite contains utilities for rendering PostScript and PDF\ndocuments. Ghostscript translates PostScript code to common bitmap formats\nso that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n * It was found that the ghostscript functions getenv, filenameforall and\n.libfile did not honor the -dSAFER option, usually used when processing\nuntrusted documents, leading to information disclosure. A specially crafted\npostscript document could read environment variable, list directory and\nretrieve file content respectively, from the target. (CVE-2013-5653,\nCVE-2016-7977)\n\n * It was found that the ghostscript function .setdevice suffered a\nuse-after-free vulnerability due to an incorrect reference count. A\nspecially crafted postscript document could trigger code execution in the\ncontext of the gs process. (CVE-2016-7978)\n\n * It was found that the ghostscript function .initialize_dsc_parser did not\nvalidate its parameter before using it, allowing a type confusion flaw. A\nspecially crafted postscript document could cause a crash code execution in\nthe context of the gs process. (CVE-2016-7979)\n\n * It was found that ghostscript did not sufficiently check the validity of\nparameters given to the .sethalftone5 function. A specially crafted\npostscript document could cause a crash, or execute arbitrary code in the\ncontext of the gs process. (CVE-2016-8602)\");\n script_tag(name:\"affected\", value:\"ghostscript on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0013-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00004.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.07~20.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-cups\", rpm:\"ghostscript-cups~9.07~20.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~9.07~20.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-09-04T14:19:10", "description": "Several vulnerabilities were discovered\nin Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution\nof arbitrary code or information disclosure if a specially crafted Postscript file\nis processed.", "cvss3": {}, "published": "2016-10-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3691-1 (ghostscript - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653", "CVE-2016-7976"], "modified": "2017-08-18T00:00:00", "id": "OPENVAS:703691", "href": "http://plugins.openvas.org/nasl.php?oid=703691", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3691.nasl 6959 2017-08-18 07:24:59Z asteins $\n# Auto-generated from advisory DSA 3691-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703691);\n script_version(\"$Revision: 6959 $\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\",\n \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_name(\"Debian Security Advisory DSA 3691-1 (ghostscript - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-08-18 09:24:59 +0200 (Fri, 18 Aug 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-10-12 00:00:00 +0200 (Wed, 12 Oct 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3691.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"ghostscript on Debian Linux\");\n script_tag(name: \"insight\", value: \"GPL Ghostscript is used for\nPostScript/PDF preview and printing. Usually as a back-end to a program such\nas ghostview, it can display PostScript and PDF documents in an X11\nenvironment.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 9.06~dfsg-2+deb8u3.\n\nWe recommend that you upgrade your ghostscript packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered\nin Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution\nof arbitrary code or information disclosure if a specially crafted Postscript file\nis processed.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.06~dfsg-2+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-dbg\", ver:\"9.06~dfsg-2+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"9.06~dfsg-2+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.06~dfsg-2+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"9.06~dfsg-2+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.06~dfsg-2+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.06~dfsg-2+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:33:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "Ubuntu Update for ghostscript USN-3148-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653", "CVE-2016-7976"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843766", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843766", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3148_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for ghostscript USN-3148-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843766\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2016-7976\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\", \"CVE-2013-5653\", \"CVE-2016-7977\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:16:34 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"Ubuntu Update for ghostscript USN-3148-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.10|12\\.04 LTS|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3148-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3148-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the USN-3148-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript\nprocesses certain Postscript files. If a user or automated system were tricked\ninto opening a specially crafted file, an attacker could cause a denial of\nservice or possibly execute arbitrary code. (CVE-2016-7976, CVE-2016-7978,\nCVE-2016-7979, CVE-2016-8602)\n\nMultiple vulnerabilities were discovered in Ghostscript related to information\ndisclosure. If a user or automated system were tricked into opening a specially\ncrafted file, an attacker could expose sensitive data. (CVE-2013-5653,\nCVE-2016-7977)\");\n\n script_tag(name:\"affected\", value:\"ghostscript on Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.10~dfsg-0ubuntu10.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.10~dfsg-0ubuntu10.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.10~dfsg-0ubuntu10.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.10~dfsg-0ubuntu10.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.19~dfsg+1-0ubuntu6.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.19~dfsg+1-0ubuntu6.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.19~dfsg+1-0ubuntu6.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.19~dfsg+1-0ubuntu6.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.05~dfsg-0ubuntu4.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.05~dfsg-0ubuntu4.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.05~dfsg-0ubuntu4.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.05~dfsg-0ubuntu4.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.18~dfsg~0-0ubuntu2.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.18~dfsg~0-0ubuntu2.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.18~dfsg~0-0ubuntu2.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.18~dfsg~0-0ubuntu2.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:44", "description": "Several vulnerabilities were discovered\nin Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution\nof arbitrary code or information disclosure if a specially crafted Postscript file\nis processed.", "cvss3": {}, "published": "2016-10-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3691-1 (ghostscript - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653", "CVE-2016-7976"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703691", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3691.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3691-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703691\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\",\n \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_name(\"Debian Security Advisory DSA 3691-1 (ghostscript - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-12 00:00:00 +0200 (Wed, 12 Oct 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3691.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"ghostscript on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 9.06~dfsg-2+deb8u3.\n\nWe recommend that you upgrade your ghostscript packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered\nin Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution\nof arbitrary code or information disclosure if a specially crafted Postscript file\nis processed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"9.06~dfsg-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-dbg\", ver:\"9.06~dfsg-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"9.06~dfsg-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"9.06~dfsg-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"9.06~dfsg-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs9\", ver:\"9.06~dfsg-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgs9-common\", ver:\"9.06~dfsg-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:36:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-10-27T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for ghostscript (openSUSE-SU-2016:2648-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851424", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851424", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851424\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-10-27 05:40:34 +0200 (Thu, 27 Oct 2016)\");\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for ghostscript (openSUSE-SU-2016:2648-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for ghostscript fixes the following issues:\n\n - CVE-2016-8602: Fixes a NULL dereference in .sethalftone5 (boo#1004237).\n\n - CVE-2013-5653, CVE-2016-7978, CVE-2016-7979: Fix multiple -dsafer\n related CVE's (boo#1001951).\");\n\n script_tag(name:\"affected\", value:\"ghostscript on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2648-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-debugsource\", rpm:\"ghostscript-debugsource~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-mini\", rpm:\"ghostscript-mini~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-mini-debuginfo\", rpm:\"ghostscript-mini-debuginfo~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-mini-debugsource\", rpm:\"ghostscript-mini-debugsource~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-mini-devel\", rpm:\"ghostscript-mini-devel~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-x11-debuginfo\", rpm:\"ghostscript-x11-debuginfo~9.15~6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2016-53e8aa35f6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2013-5653", "CVE-2016-7976"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809941", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2016-53e8aa35f6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809941\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:39 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7977\", \"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7978\", \"CVE-2016-7979\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ghostscript FEDORA-2016-53e8aa35f6\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-53e8aa35f6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI4PWI7OY3FHLZ2FO5WSSYQQMLWMW6KL\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.20~2.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2016-1c13825502", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2013-5653", "CVE-2016-7976"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809977", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809977", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2016-1c13825502\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809977\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:55 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7977\", \"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7978\", \"CVE-2016-7979\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ghostscript FEDORA-2016-1c13825502\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1c13825502\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGWZQR5LZ2KBIKC4NTGQEBUQTE4LIBEJ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.20~2.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2016-2df27a2224", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-7978", "CVE-2013-5653", "CVE-2016-7976"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872054", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2016-2df27a2224\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872054\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:25:44 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-7977\", \"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7978\", \"CVE-2016-7979\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ghostscript FEDORA-2016-2df27a2224\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ghostscript on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-2df27a2224\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2R76LGAVUISASDAGAG2YYJ4FFPTDP6UG\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.20~2.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:13", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2018-11645", "CVE-2019-14811", "CVE-2019-14817", "CVE-2019-14812", "CVE-2019-14813", "CVE-2016-7976"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192151", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192151", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2151\");\n script_version(\"2020-01-23T12:36:41+0000\");\n script_cve_id(\"CVE-2016-7976\", \"CVE-2018-11645\", \"CVE-2019-14811\", \"CVE-2019-14812\", \"CVE-2019-14813\", \"CVE-2019-14817\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:36:41 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:36:41 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2151)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2151\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2151\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ghostscript' package(s) announced via the EulerOS-SA-2019-2151 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.(CVE-2018-11645)\n\nThe PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.(CVE-2016-7976)\n\nA flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14811)\n\nA flaw was found in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14812)\n\nA flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14813)\n\nA flaw was found in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14817)\");\n\n script_tag(name:\"affected\", value:\"'ghostscript' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.07~31.6.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript-cups\", rpm:\"ghostscript-cups~9.07~31.6.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-14T16:49:41", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1240)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2017-7885", "CVE-2017-7976", "CVE-2018-11645", "CVE-2019-14811", "CVE-2019-14817", "CVE-2016-9601", "CVE-2019-14812", "CVE-2019-14813", "CVE-2017-7975", "CVE-2017-9216", "CVE-2016-7976"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201240", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201240", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1240\");\n script_version(\"2020-03-13T07:17:28+0000\");\n script_cve_id(\"CVE-2016-7976\", \"CVE-2016-9601\", \"CVE-2017-7885\", \"CVE-2017-7975\", \"CVE-2017-7976\", \"CVE-2017-9216\", \"CVE-2018-11645\", \"CVE-2019-14811\", \"CVE-2019-14812\", \"CVE-2019-14813\", \"CVE-2019-14817\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:17:28 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:17:28 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1240)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1240\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1240\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ghostscript' package(s) announced via the EulerOS-SA-2020-1240 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.(CVE-2016-7976)\n\npsi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.(CVE-2018-11645)\n\nA flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14817)\n\nA flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14813)\n\nA flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14812)\n\nA flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14811)\n\nlibjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.(CVE-2017-9216)\n\nArtifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.(CVE-2017-7975)\n\nArtifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ghostscript' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.07~31.6.h10\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-17T16:56:23", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1499)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19478", "CVE-2016-7977", "CVE-2017-7885", "CVE-2017-7976", "CVE-2018-11645", "CVE-2019-14811", "CVE-2019-14817", "CVE-2016-9601", "CVE-2019-14812", "CVE-2019-10216", "CVE-2019-14813", "CVE-2017-7975", "CVE-2017-9216", "CVE-2016-7976"], "modified": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201499", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1499\");\n script_version(\"2020-04-16T05:58:44+0000\");\n script_cve_id(\"CVE-2016-7976\", \"CVE-2016-9601\", \"CVE-2017-7885\", \"CVE-2017-7975\", \"CVE-2017-7976\", \"CVE-2017-9216\", \"CVE-2018-11645\", \"CVE-2018-19478\", \"CVE-2019-10216\", \"CVE-2019-14811\", \"CVE-2019-14812\", \"CVE-2019-14813\", \"CVE-2019-14817\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:58:44 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:58:44 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1499)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1499\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1499\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ghostscript' package(s) announced via the EulerOS-SA-2020-1499 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.(CVE-2016-7976)\n\npsi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.(CVE-2018-11645)\n\nA flaw was found in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14817)\n\nA flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14813)\n\nA flaw was found in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14812)\n\nA flaw was found in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14811)\n\nlibjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.(CVE-2017-9216)\n\nArtifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.(CVE-2017-7975)\n\nArtifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.(CVE-2017-7885)\n\nArtifex jbig2dec 0.13 allows out-of-b ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ghostscript' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~9.07~31.6.h13.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:38:53", "description": "This update fixes a rare ocasion where ghostscript would fail when displaying *.ps files. More info can be found [here](http://bugs.ghostscript.com/show_bug.cgi?id=697286).\n\n----\n\nThis is a security update for these CVEs :\n\n - [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi ?id=1383940) - *check for sufficient params in .sethalftone5*\n\n - [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi ?id=1380415) - *.libfile does not honor -dSAFER* [This CVE is now correctly fixed, previous release was accidentally missing the fix.]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-25T00:00:00", "type": "nessus", "title": "Fedora 23 : ghostscript (2016-15d4c05a19)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-15D4C05A19.NASL", "href": "https://www.tenable.com/plugins/nessus/95300", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-15d4c05a19.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95300);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7977\", \"CVE-2016-8602\");\n script_xref(name:\"FEDORA\", value:\"2016-15d4c05a19\");\n\n script_name(english:\"Fedora 23 : ghostscript (2016-15d4c05a19)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a rare ocasion where ghostscript would fail when\ndisplaying *.ps files. More info can be found\n[here](http://bugs.ghostscript.com/show_bug.cgi?id=697286).\n\n----\n\nThis is a security update for these CVEs :\n\n -\n [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1383940) - *check for sufficient params in\n .sethalftone5*\n\n -\n [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1380415) - *.libfile does not honor -dSAFER* [This\n CVE is now correctly fixed, previous release was\n accidentally missing the fix.]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-15d4c05a19\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1383940\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"ghostscript-9.20-5.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:38:41", "description": "This is a security update for these CVEs :\n\n - [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi ?id=1383940) - *check for sufficient params in .sethalftone5*\n\n - [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi ?id=1380415) - *.libfile does not honor -dSAFER* [This CVE is now correctly fixed, previous release was accidentally missing the fix.]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-21T00:00:00", "type": "nessus", "title": "Fedora 25 : ghostscript (2016-62f2b66ed1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-62F2B66ED1.NASL", "href": "https://www.tenable.com/plugins/nessus/95004", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-62f2b66ed1.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95004);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7977\", \"CVE-2016-8602\");\n script_xref(name:\"FEDORA\", value:\"2016-62f2b66ed1\");\n\n script_name(english:\"Fedora 25 : ghostscript (2016-62f2b66ed1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a security update for these CVEs :\n\n -\n [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1383940) - *check for sufficient params in\n .sethalftone5*\n\n -\n [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1380415) - *.libfile does not honor -dSAFER* [This\n CVE is now correctly fixed, previous release was\n accidentally missing the fix.]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-62f2b66ed1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1383940\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"ghostscript-9.20-4.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:40", "description": "This update fixes a rare ocasion where ghostscript would fail when displaying *.ps files. More info can be found [here](http://bugs.ghostscript.com/show_bug.cgi?id=697286).\n\n----\n\nThis is a security update for these CVEs :\n\n - [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi ?id=1383940) - *check for sufficient params in .sethalftone5*\n\n - [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi ?id=1380415) - *.libfile does not honor -dSAFER* [This CVE is now correctly fixed, previous release was accidentally missing the fix.]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-08T00:00:00", "type": "nessus", "title": "Fedora 24 : ghostscript (2016-3dad5dfd03)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-3DAD5DFD03.NASL", "href": "https://www.tenable.com/plugins/nessus/94615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-3dad5dfd03.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94615);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7977\", \"CVE-2016-8602\");\n script_xref(name:\"FEDORA\", value:\"2016-3dad5dfd03\");\n\n script_name(english:\"Fedora 24 : ghostscript (2016-3dad5dfd03)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a rare ocasion where ghostscript would fail when\ndisplaying *.ps files. More info can be found\n[here](http://bugs.ghostscript.com/show_bug.cgi?id=697286).\n\n----\n\nThis is a security update for these CVEs :\n\n -\n [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1383940) - *check for sufficient params in\n .sethalftone5*\n\n -\n [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1380415) - *.libfile does not honor -dSAFER* [This\n CVE is now correctly fixed, previous release was\n accidentally missing the fix.]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-3dad5dfd03\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1383940\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"ghostscript-9.20-5.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:46:11", "description": "An update for ghostscript is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-13T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : ghostscript / ghostscript-devel / ghostscript-doc / etc (VZLSA-2017-0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:ghostscript", "p-cpe:/a:virtuozzo:virtuozzo:ghostscript-devel", "p-cpe:/a:virtuozzo:virtuozzo:ghostscript-doc", "p-cpe:/a:virtuozzo:virtuozzo:ghostscript-gtk", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZLSA-2017-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/101400", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101400);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2013-5653\",\n \"CVE-2016-7977\",\n \"CVE-2016-7979\",\n \"CVE-2016-8602\"\n );\n\n script_name(english:\"Virtuozzo 6 : ghostscript / ghostscript-devel / ghostscript-doc / etc (VZLSA-2017-0014)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for ghostscript is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0014.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ef1cc53d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0014\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ghostscript / ghostscript-devel / ghostscript-doc / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"ghostscript-8.70-21.vl6.1\",\n \"ghostscript-devel-8.70-21.vl6.1\",\n \"ghostscript-doc-8.70-21.vl6.1\",\n \"ghostscript-gtk-8.70-21.vl6.1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:37:47", "description": "Security Fix(es) :\n\n - It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n - It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process.\n (CVE-2016-7979)\n\n - It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ghostscript on SL6.x i386/x86_64 (20170104)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:ghostscript", "p-cpe:/a:fermilab:scientific_linux:ghostscript-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ghostscript-devel", "p-cpe:/a:fermilab:scientific_linux:ghostscript-doc", "p-cpe:/a:fermilab:scientific_linux:ghostscript-gtk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170104_GHOSTSCRIPT_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/96301", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96301);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n\n script_name(english:\"Scientific Linux Security Update : ghostscript on SL6.x i386/x86_64 (20170104)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - It was found that the ghostscript functions getenv,\n filenameforall and .libfile did not honor the -dSAFER\n option, usually used when processing untrusted\n documents, leading to information disclosure. A\n specially crafted postscript document could read\n environment variable, list directory and retrieve file\n content respectively, from the target. (CVE-2013-5653,\n CVE-2016-7977)\n\n - It was found that the ghostscript function\n .initialize_dsc_parser did not validate its parameter\n before using it, allowing a type confusion flaw. A\n specially crafted postscript document could cause a\n crash code execution in the context of the gs process.\n (CVE-2016-7979)\n\n - It was found that ghostscript did not sufficiently check\n the validity of parameters given to the .sethalftone5\n function. A specially crafted postscript document could\n cause a crash, or execute arbitrary code in the context\n of the gs process. (CVE-2016-8602)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1701&L=scientific-linux-errata&F=&S=&P=808\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab100b4a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-debuginfo-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-devel-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-doc-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ghostscript-gtk-8.70-21.el6_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-debuginfo / ghostscript-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:37:03", "description": "From Red Hat Security Advisory 2017:0014 :\n\nAn update for ghostscript is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : ghostscript (ELSA-2017-0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ghostscript", "p-cpe:/a:oracle:linux:ghostscript-devel", "p-cpe:/a:oracle:linux:ghostscript-doc", "p-cpe:/a:oracle:linux:ghostscript-gtk", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2017-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/96299", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0014 and \n# Oracle Linux Security Advisory ELSA-2017-0014 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96299);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"RHSA\", value:\"2017:0014\");\n\n script_name(english:\"Oracle Linux 6 : ghostscript (ELSA-2017-0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0014 :\n\nAn update for ghostscript is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006611.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-devel-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-doc-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ghostscript-gtk-8.70-21.el6_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:37:26", "description": "It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653 , CVE-2016-7977)\n\nIt was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\nIt was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-11T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ghostscript (ALAS-2017-784)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ghostscript", "p-cpe:/a:amazon:linux:ghostscript-debuginfo", "p-cpe:/a:amazon:linux:ghostscript-devel", "p-cpe:/a:amazon:linux:ghostscript-doc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-784.NASL", "href": "https://www.tenable.com/plugins/nessus/96395", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-784.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96395);\n script_version(\"3.7\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"ALAS\", value:\"2017-784\");\n\n script_name(english:\"Amazon Linux AMI : ghostscript (ALAS-2017-784)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the ghostscript functions getenv, filenameforall and\n.libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653 , CVE-2016-7977)\n\nIt was found that the ghostscript function .initialize_dsc_parser did\nnot validate its parameter before using it, allowing a type confusion\nflaw. A specially crafted postscript document could cause a crash code\nexecution in the context of the gs process. (CVE-2016-7979)\n\nIt was found that ghostscript did not sufficiently check the validity\nof parameters given to the .sethalftone5 function. A specially crafted\npostscript document could cause a crash, or execute arbitrary code in\nthe context of the gs process. (CVE-2016-8602)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-784.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ghostscript' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-8.70-21.1.24.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-debuginfo-8.70-21.1.24.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-devel-8.70-21.1.24.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ghostscript-doc-8.70-21.1.24.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-debuginfo / ghostscript-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:37:27", "description": "An update for ghostscript is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "RHEL 6 : ghostscript (RHSA-2017:0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ghostscript", "p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ghostscript-devel", "p-cpe:/a:redhat:enterprise_linux:ghostscript-doc", "p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/96309", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0014. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96309);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"RHSA\", value:\"2017:0014\");\n\n script_name(english:\"RHEL 6 : ghostscript (RHSA-2017:0014)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for ghostscript is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0014\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-5653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7977\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7979\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-8602\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0014\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"ghostscript-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ghostscript-debuginfo-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ghostscript-devel-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ghostscript-doc-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ghostscript-doc-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ghostscript-doc-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ghostscript-gtk-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ghostscript-gtk-8.70-21.el6_8.1\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ghostscript-gtk-8.70-21.el6_8.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-debuginfo / ghostscript-devel / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:36:43", "description": "An update for ghostscript is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "CentOS 6 : ghostscript (CESA-2017:0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ghostscript", "p-cpe:/a:centos:centos:ghostscript-devel", "p-cpe:/a:centos:centos:ghostscript-doc", "p-cpe:/a:centos:centos:ghostscript-gtk", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2017-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/96286", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0014 and \n# CentOS Errata and Security Advisory 2017:0014 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96286);\n script_version(\"3.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"RHSA\", value:\"2017:0014\");\n\n script_name(english:\"CentOS 6 : ghostscript (CESA-2017:0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for ghostscript is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-January/022191.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9f4037d0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-7979\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-devel-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-doc-8.70-21.el6_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ghostscript-gtk-8.70-21.el6_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-doc / ghostscript-gtk\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:36:44", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Added security fixes for :\n\n - CVE-2013-5653 (bug #1380327)\n\n - CVE-2016-7977 (bug #1380415)\n\n - CVE-2016-7979 (bug #1382305)\n\n - CVE-2016-8602 (bug #1383940)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "OracleVM 3.3 / 3.4 : ghostscript (OVMSA-2017-0002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:ghostscript", "cpe:/o:oracle:vm_server:3.3", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2017-0002.NASL", "href": "https://www.tenable.com/plugins/nessus/96300", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0002.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96300);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n\n script_name(english:\"OracleVM 3.3 / 3.4 : ghostscript (OVMSA-2017-0002)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Added security fixes for :\n\n - CVE-2013-5653 (bug #1380327)\n\n - CVE-2016-7977 (bug #1380415)\n\n - CVE-2016-7979 (bug #1382305)\n\n - CVE-2016-8602 (bug #1383940)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-January/000613.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e44231db\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-January/000612.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3b4ee644\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"(3\\.3|3\\.4)\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3 / 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"ghostscript-8.70-21.el6_8.1\")) flag++;\n\nif (rpm_check(release:\"OVS3.4\", reference:\"ghostscript-8.70-21.el6_8.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:46:35", "description": "An update for ghostscript is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-13T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-devel / etc (VZLSA-2017-0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:ghostscript", "p-cpe:/a:virtuozzo:virtuozzo:ghostscript-cups", "p-cpe:/a:virtuozzo:virtuozzo:ghostscript-devel", "p-cpe:/a:virtuozzo:virtuozzo:ghostscript-doc", "p-cpe:/a:virtuozzo:virtuozzo:ghostscript-gtk", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZLSA-2017-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/101399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101399);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2013-5653\",\n \"CVE-2016-7977\",\n \"CVE-2016-7978\",\n \"CVE-2016-7979\",\n \"CVE-2016-8602\"\n );\n\n script_name(english:\"Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-devel / etc (VZLSA-2017-0013)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for ghostscript is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a\nuse-after-free vulnerability due to an incorrect reference count. A\nspecially crafted postscript document could trigger code execution in\nthe context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0013.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e544dc00\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0013\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ghostscript / ghostscript-cups / ghostscript-devel / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"ghostscript-9.07-20.vl7.1\",\n \"ghostscript-cups-9.07-20.vl7.1\",\n \"ghostscript-devel-9.07-20.vl7.1\",\n \"ghostscript-doc-9.07-20.vl7.1\",\n \"ghostscript-gtk-9.07-20.vl7.1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-cups / ghostscript-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:42:26", "description": "According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n - It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n - It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process.\n (CVE-2016-7979)\n\n - It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2016-1050)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ghostscript", "p-cpe:/a:huawei:euleros:ghostscript-cups", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2016-1050.NASL", "href": "https://www.tenable.com/plugins/nessus/99813", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99813);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-5653\",\n \"CVE-2016-7977\",\n \"CVE-2016-7978\",\n \"CVE-2016-7979\",\n \"CVE-2016-8602\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2016-1050)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ghostscript packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - It was found that the ghostscript functions getenv,\n filenameforall and .libfile did not honor the -dSAFER\n option, usually used when processing untrusted\n documents, leading to information disclosure. A\n specially crafted postscript document could read\n environment variable, list directory and retrieve file\n content respectively, from the target. (CVE-2013-5653,\n CVE-2016-7977)\n\n - It was found that the ghostscript function .setdevice\n suffered a use-after-free vulnerability due to an\n incorrect reference count. A specially crafted\n postscript document could trigger code execution in the\n context of the gs process. (CVE-2016-7978)\n\n - It was found that the ghostscript function\n .initialize_dsc_parser did not validate its parameter\n before using it, allowing a type confusion flaw. A\n specially crafted postscript document could cause a\n crash code execution in the context of the gs process.\n (CVE-2016-7979)\n\n - It was found that ghostscript did not sufficiently\n check the validity of parameters given to the\n .sethalftone5 function. A specially crafted postscript\n document could cause a crash, or execute arbitrary code\n in the context of the gs process. (CVE-2016-8602)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1050\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b88dca48\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ghostscript packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ghostscript-9.07-20.1.h1\",\n \"ghostscript-cups-9.07-20.1.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:37:46", "description": "An update for ghostscript is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "CentOS 7 : ghostscript (CESA-2017:0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ghostscript", "p-cpe:/a:centos:centos:ghostscript-cups", "p-cpe:/a:centos:centos:ghostscript-devel", "p-cpe:/a:centos:centos:ghostscript-doc", "p-cpe:/a:centos:centos:ghostscript-gtk", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2017-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/96285", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0013 and \n# CentOS Errata and Security Advisory 2017:0013 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96285);\n script_version(\"3.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"RHSA\", value:\"2017:0013\");\n\n script_name(english:\"CentOS 7 : ghostscript (CESA-2017:0013)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for ghostscript is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a\nuse-after-free vulnerability due to an incorrect reference count. A\nspecially crafted postscript document could trigger code execution in\nthe context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-January/022192.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3fb5fb8f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-7978\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ghostscript-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ghostscript-cups-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ghostscript-devel-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ghostscript-doc-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"ghostscript-gtk-9.07-20.el7_3.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-cups / ghostscript-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:37:27", "description": "From Red Hat Security Advisory 2017:0013 :\n\nAn update for ghostscript is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : ghostscript (ELSA-2017-0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ghostscript", "p-cpe:/a:oracle:linux:ghostscript-cups", "p-cpe:/a:oracle:linux:ghostscript-devel", "p-cpe:/a:oracle:linux:ghostscript-doc", "p-cpe:/a:oracle:linux:ghostscript-gtk", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2017-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/96298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0013 and \n# Oracle Linux Security Advisory ELSA-2017-0013 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96298);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"RHSA\", value:\"2017:0013\");\n\n script_name(english:\"Oracle Linux 7 : ghostscript (ELSA-2017-0013)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0013 :\n\nAn update for ghostscript is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a\nuse-after-free vulnerability due to an incorrect reference count. A\nspecially crafted postscript document could trigger code execution in\nthe context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006610.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ghostscript-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ghostscript-cups-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ghostscript-devel-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ghostscript-doc-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"ghostscript-gtk-9.07-20.el7_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-cups / ghostscript-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:37:27", "description": "Security Fix(es) :\n\n - It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n - It was found that the ghostscript function .setdevice suffered a use- after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n - It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process.\n (CVE-2016-7979)\n\n - It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20170104)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:ghostscript", "p-cpe:/a:fermilab:scientific_linux:ghostscript-cups", "p-cpe:/a:fermilab:scientific_linux:ghostscript-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ghostscript-devel", "p-cpe:/a:fermilab:scientific_linux:ghostscript-doc", "p-cpe:/a:fermilab:scientific_linux:ghostscript-gtk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170104_GHOSTSCRIPT_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/96302", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96302);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n\n script_name(english:\"Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20170104)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - It was found that the ghostscript functions getenv,\n filenameforall and .libfile did not honor the -dSAFER\n option, usually used when processing untrusted\n documents, leading to information disclosure. A\n specially crafted postscript document could read\n environment variable, list directory and retrieve file\n content respectively, from the target. (CVE-2013-5653,\n CVE-2016-7977)\n\n - It was found that the ghostscript function .setdevice\n suffered a use- after-free vulnerability due to an\n incorrect reference count. A specially crafted\n postscript document could trigger code execution in the\n context of the gs process. (CVE-2016-7978)\n\n - It was found that the ghostscript function\n .initialize_dsc_parser did not validate its parameter\n before using it, allowing a type confusion flaw. A\n specially crafted postscript document could cause a\n crash code execution in the context of the gs process.\n (CVE-2016-7979)\n\n - It was found that ghostscript did not sufficiently check\n the validity of parameters given to the .sethalftone5\n function. A specially crafted postscript document could\n cause a crash, or execute arbitrary code in the context\n of the gs process. (CVE-2016-8602)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1701&L=scientific-linux-errata&F=&S=&P=409\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?472d4987\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ghostscript-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ghostscript-cups-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ghostscript-debuginfo-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ghostscript-devel-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"ghostscript-doc-9.07-20.el7_3.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"ghostscript-gtk-9.07-20.el7_3.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-cups / ghostscript-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:36:42", "description": "An update for ghostscript is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "type": "nessus", "title": "RHEL 7 : ghostscript (RHSA-2017:0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ghostscript", "p-cpe:/a:redhat:enterprise_linux:ghostscript-cups", "p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ghostscript-devel", "p-cpe:/a:redhat:enterprise_linux:ghostscript-doc", "p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2017-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/96308", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0013. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96308);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"RHSA\", value:\"2017:0013\");\n\n script_name(english:\"RHEL 7 : ghostscript (RHSA-2017:0013)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for ghostscript is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Ghostscript suite contains utilities for rendering PostScript and\nPDF documents. Ghostscript translates PostScript code to common bitmap\nformats so that the code can be displayed or printed.\n\nSecurity Fix(es) :\n\n* It was found that the ghostscript functions getenv, filenameforall\nand .libfile did not honor the -dSAFER option, usually used when\nprocessing untrusted documents, leading to information disclosure. A\nspecially crafted postscript document could read environment variable,\nlist directory and retrieve file content respectively, from the\ntarget. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a\nuse-after-free vulnerability due to an incorrect reference count. A\nspecially crafted postscript document could trigger code execution in\nthe context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser\ndid not validate its parameter before using it, allowing a type\nconfusion flaw. A specially crafted postscript document could cause a\ncrash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the\nvalidity of parameters given to the .sethalftone5 function. A\nspecially crafted postscript document could cause a crash, or execute\narbitrary code in the context of the gs process. (CVE-2016-8602)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-5653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7977\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7979\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-8602\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0013\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"ghostscript-9.07-20.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ghostscript-cups-9.07-20.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ghostscript-cups-9.07-20.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"ghostscript-debuginfo-9.07-20.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"ghostscript-devel-9.07-20.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"ghostscript-doc-9.07-20.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"ghostscript-gtk-9.07-20.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ghostscript-gtk-9.07-20.el7_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-cups / ghostscript-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-20T16:38:09", "description": "The remote host is affected by the vulnerability described in GLSA-201702-31 (GPL Ghostscript: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GPL Ghostscript and the bundled OpenJPEG. Please review the CVE identifiers and GLSA-201612-26 (OpenJPEG) referenced below for additional information.\n Note: GPL Ghostscript in Gentoo since app-text/ghostscript-gpl-9.20-r1 no longer bundles OpenJPEG.\n Impact :\n\n A context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-02-23T00:00:00", "type": "nessus", "title": "GLSA-201702-31 : GPL Ghostscript: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:ghostscript-gpl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201702-31.NASL", "href": "https://www.tenable.com/plugins/nessus/97343", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201702-31.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97343);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"GLSA\", value:\"201702-31\");\n\n script_name(english:\"GLSA-201702-31 : GPL Ghostscript: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201702-31\n(GPL Ghostscript: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GPL Ghostscript and the\n bundled OpenJPEG. Please review the CVE identifiers and GLSA-201612-26\n (OpenJPEG) referenced below for additional information.\n Note: GPL Ghostscript in Gentoo since app-text/ghostscript-gpl-9.20-r1\n no longer bundles OpenJPEG.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted PostScript file or PDF using GPL Ghostscript possibly resulting\n in the execution of arbitrary code with the privileges of the process or\n a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201612-26\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201702-31\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GPL Ghostscript users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-text/ghostscript-gpl-9.20-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ghostscript-gpl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-text/ghostscript-gpl\", unaffected:make_list(\"ge 9.20-r1\"), vulnerable:make_list(\"lt 9.20-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GPL Ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:20", "description": "This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237).\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-04T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ghostscript (openSUSE-2016-1258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8602"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript", "p-cpe:/a:novell:opensuse:ghostscript-debuginfo", "p-cpe:/a:novell:opensuse:ghostscript-debugsource", "p-cpe:/a:novell:opensuse:ghostscript-devel", "p-cpe:/a:novell:opensuse:ghostscript-mini", "p-cpe:/a:novell:opensuse:ghostscript-mini-debuginfo", "p-cpe:/a:novell:opensuse:ghostscript-mini-debugsource", "p-cpe:/a:novell:opensuse:ghostscript-mini-devel", "p-cpe:/a:novell:opensuse:ghostscript-x11", "p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/94528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1258.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94528);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-8602\");\n\n script_name(english:\"openSUSE Security Update : ghostscript (openSUSE-2016-1258)\");\n script_summary(english:\"Check for the openSUSE-2016-1258 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Insufficient parameter check in\n .sethalftone5 (bsc#1004237).\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1004237\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-debuginfo-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-debugsource-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-devel-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-mini-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-mini-debuginfo-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-mini-debugsource-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-mini-devel-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-x11-9.15-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ghostscript-x11-debuginfo-9.15-11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-mini / ghostscript-mini-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:28", "description": "This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-07T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : ghostscript-library (SUSE-SU-2016:2723-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8602"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ghostscript-fonts-other", "p-cpe:/a:novell:suse_linux:ghostscript-fonts-rus", "p-cpe:/a:novell:suse_linux:ghostscript-fonts-std", "p-cpe:/a:novell:suse_linux:ghostscript-library", "p-cpe:/a:novell:suse_linux:ghostscript-omni", "p-cpe:/a:novell:suse_linux:ghostscript-x11", "p-cpe:/a:novell:suse_linux:libgimpprint", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2723-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94607", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2723-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94607);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-8602\");\n\n script_name(english:\"SUSE SLES11 Security Update : ghostscript-library (SUSE-SU-2016:2723-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Insufficient parameter check in\n .sethalftone5 (bsc#1004237)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1004237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8602/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162723-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9739d0ef\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-ghostscript-12834=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-ghostscript-12834=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-ghostscript-12834=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-fonts-other-8.62-32.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-fonts-rus-8.62-32.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-fonts-std-8.62-32.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-library-8.62-32.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-omni-8.62-32.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-x11-8.62-32.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libgimpprint-4.2.7-32.41.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-library\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:20", "description": "This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-10-27T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2016:2654-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8602"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ghostscript", "p-cpe:/a:novell:suse_linux:ghostscript-debuginfo", "p-cpe:/a:novell:suse_linux:ghostscript-debugsource", "p-cpe:/a:novell:suse_linux:ghostscript-x11", "p-cpe:/a:novell:suse_linux:ghostscript-x11-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2654-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94322", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2654-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94322);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-8602\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2016:2654-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Insufficient parameter check in\n .sethalftone5 (bsc#1004237).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1004237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8602/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162654-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8351bf69\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2016-1557=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1557=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1557=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ghostscript-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ghostscript-debuginfo-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ghostscript-debugsource-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ghostscript-x11-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ghostscript-x11-debuginfo-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ghostscript-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ghostscript-debuginfo-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ghostscript-debugsource-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ghostscript-x11-9.15-14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ghostscript-x11-debuginfo-9.15-14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:38:43", "description": "Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript processes certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code.\n(CVE-2016-7976, CVE-2016-7978, CVE-2016-7979, CVE-2016-8602)\n\nMultiple vulnerabilities were discovered in Ghostscript related to information disclosure. If a user or automated system were tricked into opening a specially crafted file, an attacker could expose sensitive data. (CVE-2013-5653, CVE-2016-7977).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-02T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : ghostscript vulnerabilities (USN-3148-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:ghostscript", "p-cpe:/a:canonical:ubuntu_linux:ghostscript-x", "p-cpe:/a:canonical:ubuntu_linux:libgs9", "p-cpe:/a:canonical:ubuntu_linux:libgs9-common", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3148-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95467", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3148-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95467);\n script_version(\"3.10\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"USN\", value:\"3148-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : ghostscript vulnerabilities (USN-3148-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tavis Ormandy discovered multiple vulnerabilities in the way that\nGhostscript processes certain Postscript files. If a user or automated\nsystem were tricked into opening a specially crafted file, an attacker\ncould cause a denial of service or possibly execute arbitrary code.\n(CVE-2016-7976, CVE-2016-7978, CVE-2016-7979, CVE-2016-8602)\n\nMultiple vulnerabilities were discovered in Ghostscript related to\ninformation disclosure. If a user or automated system were tricked\ninto opening a specially crafted file, an attacker could expose\nsensitive data. (CVE-2013-5653, CVE-2016-7977).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3148-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs9-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"ghostscript\", pkgver:\"9.05~dfsg-0ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"ghostscript-x\", pkgver:\"9.05~dfsg-0ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libgs9\", pkgver:\"9.05~dfsg-0ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libgs9-common\", pkgver:\"9.05~dfsg-0ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"ghostscript\", pkgver:\"9.10~dfsg-0ubuntu10.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"ghostscript-x\", pkgver:\"9.10~dfsg-0ubuntu10.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libgs9\", pkgver:\"9.10~dfsg-0ubuntu10.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libgs9-common\", pkgver:\"9.10~dfsg-0ubuntu10.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"ghostscript\", pkgver:\"9.18~dfsg~0-0ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"ghostscript-x\", pkgver:\"9.18~dfsg~0-0ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libgs9\", pkgver:\"9.18~dfsg~0-0ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libgs9-common\", pkgver:\"9.18~dfsg~0-0ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"ghostscript\", pkgver:\"9.19~dfsg+1-0ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"ghostscript-x\", pkgver:\"9.19~dfsg+1-0ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libgs9\", pkgver:\"9.19~dfsg+1-0ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libgs9-common\", pkgver:\"9.19~dfsg+1-0ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-x / libgs9 / libgs9-common\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:55", "description": "Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or information disclosure if a specially crafted Postscript file is processed.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-13T00:00:00", "type": "nessus", "title": "Debian DSA-3691-1 : ghostscript - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ghostscript", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3691.NASL", "href": "https://www.tenable.com/plugins/nessus/94023", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3691. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94023);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n script_xref(name:\"DSA\", value:\"3691\");\n\n script_name(english:\"Debian DSA-3691-1 : ghostscript - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in Ghostscript, the GPL\nPostScript/PDF interpreter, which may lead to the execution of\narbitrary code or information disclosure if a specially crafted\nPostscript file is processed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839846\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/ghostscript\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3691\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ghostscript packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 9.06~dfsg-2+deb8u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"ghostscript\", reference:\"9.06~dfsg-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ghostscript-dbg\", reference:\"9.06~dfsg-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ghostscript-doc\", reference:\"9.06~dfsg-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ghostscript-x\", reference:\"9.06~dfsg-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgs-dev\", reference:\"9.06~dfsg-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgs9\", reference:\"9.06~dfsg-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgs9-common\", reference:\"9.06~dfsg-2+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:43", "description": "This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Fixes a NULL dereference in .sethalftone5 (boo#1004237).\n\n - CVE-2013-5653, CVE-2016-7978, CVE-2016-7979: Fix multiple -dsafer related CVE's (boo#1001951).", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ghostscript (openSUSE-2016-1237)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript", "p-cpe:/a:novell:opensuse:ghostscript-debuginfo", "p-cpe:/a:novell:opensuse:ghostscript-debugsource", "p-cpe:/a:novell:opensuse:ghostscript-devel", "p-cpe:/a:novell:opensuse:ghostscript-mini", "p-cpe:/a:novell:opensuse:ghostscript-mini-debuginfo", "p-cpe:/a:novell:opensuse:ghostscript-mini-debugsource", "p-cpe:/a:novell:opensuse:ghostscript-mini-devel", "p-cpe:/a:novell:opensuse:ghostscript-x11", "p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1237.NASL", "href": "https://www.tenable.com/plugins/nessus/94311", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1237.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94311);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7978\", \"CVE-2016-7979\", \"CVE-2016-8602\");\n\n script_name(english:\"openSUSE Security Update : ghostscript (openSUSE-2016-1237)\");\n script_summary(english:\"Check for the openSUSE-2016-1237 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ghostscript fixes the following issues :\n\n - CVE-2016-8602: Fixes a NULL dereference in .sethalftone5\n (boo#1004237).\n\n - CVE-2013-5653, CVE-2016-7978, CVE-2016-7979: Fix\n multiple -dsafer related CVE's (boo#1001951).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1004237\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-debuginfo-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-debugsource-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-devel-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-mini-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-mini-debuginfo-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-mini-debugsource-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-mini-devel-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-x11-9.15-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ghostscript-x11-debuginfo-9.15-6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-mini / ghostscript-mini-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:11", "description": "This update for ghostscript-library fixes the following issues :\n\n - Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted Postscript file would potentially leak sensitive information to an attacker. (CVE-2013-5653, CVE-2016-7977, bsc#1001951)\n\n - Insufficient validation of the type of input in .initialize_dsc_parser used to allow remote code execution. (CVE-2016-7979, bsc#1001951)\n\n - An integer overflow in the gs_heap_alloc_bytes function used to allow remote attackers to cause a denial of service (crash) via specially crafted Postscript files.\n (CVE-2015-3228, boo#939342)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-12T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : ghostscript-library (SUSE-SU-2016:2493-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2015-3228", "CVE-2016-7977", "CVE-2016-7979"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ghostscript-fonts-other", "p-cpe:/a:novell:suse_linux:ghostscript-fonts-rus", "p-cpe:/a:novell:suse_linux:ghostscript-fonts-std", "p-cpe:/a:novell:suse_linux:ghostscript-library", "p-cpe:/a:novell:suse_linux:ghostscript-omni", "p-cpe:/a:novell:suse_linux:ghostscript-x11", "p-cpe:/a:novell:suse_linux:libgimpprint", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2493-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94007", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2493-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94007);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2015-3228\", \"CVE-2016-7977\", \"CVE-2016-7979\");\n script_bugtraq_id(76017);\n\n script_name(english:\"SUSE SLES11 Security Update : ghostscript-library (SUSE-SU-2016:2493-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ghostscript-library fixes the following issues :\n\n - Multiple security vulnerabilities have been discovered\n where ghostscript's '-dsafer' flag did not provide\n sufficient protection against unintended access to the\n file system. Thus, a machine that would process a\n specially crafted Postscript file would potentially leak\n sensitive information to an attacker. (CVE-2013-5653,\n CVE-2016-7977, bsc#1001951)\n\n - Insufficient validation of the type of input in\n .initialize_dsc_parser used to allow remote code\n execution. (CVE-2016-7979, bsc#1001951)\n\n - An integer overflow in the gs_heap_alloc_bytes function\n used to allow remote attackers to cause a denial of\n service (crash) via specially crafted Postscript files.\n (CVE-2015-3228, boo#939342)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-5653/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3228/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7977/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7979/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162493-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f0e96ae4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 5:zypper in -t patch\nsleclo50sp3-ghostscript-library-12781=1\n\nSUSE Manager Proxy 2.1:zypper in -t patch\nslemap21-ghostscript-library-12781=1\n\nSUSE Manager 2.1:zypper in -t patch\nsleman21-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch\nslessp3-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Server 11-SP2-LTSS:zypper in -t patch\nslessp2-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch\nsleposp3-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch\ndbgsp3-ghostscript-library-12781=1\n\nSUSE Linux Enterprise Debuginfo 11-SP2:zypper in -t patch\ndbgsp2-ghostscript-library-12781=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2/3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-fonts-other-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-fonts-rus-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-fonts-std-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-library-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-omni-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ghostscript-x11-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libgimpprint-4.2.7-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"ghostscript-fonts-other-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"ghostscript-fonts-rus-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"ghostscript-fonts-std-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"ghostscript-library-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"ghostscript-omni-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"ghostscript-x11-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libgimpprint-4.2.7-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"ghostscript-fonts-other-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"ghostscript-fonts-rus-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"ghostscript-fonts-std-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"ghostscript-library-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"ghostscript-omni-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"ghostscript-x11-8.62-32.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libgimpprint-4.2.7-32.38.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-library\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:36", "description": "This is a rebase of **ghostscript** package, to address several security issues :\n\n - [CVE-2016-7977 ](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) -\n *.libfile does not honor -dSAFER*\n\n - [CVE-2013-5653](https://bugzilla.redhat.com/show_bug.cgi ?id=1380327) - *getenv and filenameforall ignore\n -dSAFER*\n\n - [CVE-2016-7976](https://bugzilla.redhat.com/show_bug.cgi ?id=1382294) - *various userparams allow %pipe% in paths, allowing remote shell*\n\n - [CVE-2016-7978](https://bugzilla.redhat.com/show_bug.cgi ?id=1382300) - *reference leak in .setdevice allows use-after-free and remote code*\n\n - [CVE-2016-7979](https://bugzilla.redhat.com/show_bug.cgi ?id=1382305) - *Type confusion in .initialize_dsc_parser allows remote code execution*\n\n----------- #### INFORMATION FOR FEDORA PACKAGERS & MAINTAINERS :\n\n**ghostscript** has been rebased to latest upstream version (9.20).\nRebase notes :\n\n - **no API/ABI changes between versions 9.16 -> 9.20 according to upstream**\n\n - *OpenJPEG* support has been retained\n\n - *ijs-config* custom tool from upstream has been\n *removed* (by upstream) (*pkg-config* is used by default now instead, see [commit 0c176a9](http://git.ghostscript.com/?p=ghostpdl.git;h=0c 176a91d53c85cda))\n\n - some patches were updated to 'git format-patch' format & renamed\n\n - rest of the patches were deleted (irrelevant for current version), mostly because upstream has fixed those issues in some way\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-19T00:00:00", "type": "nessus", "title": "Fedora 24 : ghostscript (2016-53e8aa35f6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-53E8AA35F6.NASL", "href": "https://www.tenable.com/plugins/nessus/94121", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-53e8aa35f6.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94121);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\");\n script_xref(name:\"FEDORA\", value:\"2016-53e8aa35f6\");\n\n script_name(english:\"Fedora 24 : ghostscript (2016-53e8aa35f6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a rebase of **ghostscript** package, to address several\nsecurity issues :\n\n - [CVE-2016-7977\n ](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) -\n *.libfile does not honor -dSAFER*\n\n -\n [CVE-2013-5653](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1380327) - *getenv and filenameforall ignore\n -dSAFER*\n\n -\n [CVE-2016-7976](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382294) - *various userparams allow %pipe% in\n paths, allowing remote shell*\n\n -\n [CVE-2016-7978](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382300) - *reference leak in .setdevice allows\n use-after-free and remote code*\n\n -\n [CVE-2016-7979](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382305) - *Type confusion in .initialize_dsc_parser\n allows remote code execution*\n\n----------- #### INFORMATION FOR FEDORA PACKAGERS & MAINTAINERS :\n\n**ghostscript** has been rebased to latest upstream version (9.20).\nRebase notes :\n\n - **no API/ABI changes between versions 9.16 -> 9.20\n according to upstream**\n\n - *OpenJPEG* support has been retained\n\n - *ijs-config* custom tool from upstream has been\n *removed* (by upstream) (*pkg-config* is used by default\n now instead, see [commit\n 0c176a9](http://git.ghostscript.com/?p=ghostpdl.git;h=0c\n 176a91d53c85cda))\n\n - some patches were updated to 'git format-patch' format &\n renamed\n\n - rest of the patches were deleted (irrelevant for current\n version), mostly because upstream has fixed those issues\n in some way\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-53e8aa35f6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382305\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"ghostscript-9.20-2.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:17", "description": "This is a rebase of **ghostscript** package, to address several security issues :\n\n - [CVE-2016-7977 ](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) -\n *.libfile does not honor -dSAFER*\n\n - [CVE-2013-5653](https://bugzilla.redhat.com/show_bug.cgi ?id=1380327) - *getenv and filenameforall ignore\n -dSAFER*\n\n - [CVE-2016-7976](https://bugzilla.redhat.com/show_bug.cgi ?id=1382294) - *various userparams allow %pipe% in paths, allowing remote shell*\n\n - [CVE-2016-7978](https://bugzilla.redhat.com/show_bug.cgi ?id=1382300) - *reference leak in .setdevice allows use-after-free and remote code*\n\n - [CVE-2016-7979](https://bugzilla.redhat.com/show_bug.cgi ?id=1382305) - *Type confusion in .initialize_dsc_parser allows remote code execution*\n\n----------- #### INFORMATION FOR FEDORA PACKAGERS & MAINTAINERS :\n\n**ghostscript** has been rebased to latest upstream version (9.20).\nRebase notes :\n\n - **no API/ABI changes between versions 9.16 -> 9.20 according to upstream**\n\n - *OpenJPEG* support has been retained\n\n - *ijs-config* custom tool from upstream has been\n *removed* (by upstream) (*pkg-config* is used by default now instead, see [commit 0c176a9](http://git.ghostscript.com/?p=ghostpdl.git;h=0c 176a91d53c85cda))\n\n - some patches were updated to 'git format-patch' format & renamed\n\n - rest of the patches were deleted (irrelevant for current version), mostly because upstream has fixed those issues in some way\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : ghostscript (2016-2df27a2224)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-2DF27A2224.NASL", "href": "https://www.tenable.com/plugins/nessus/94786", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-2df27a2224.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94786);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\");\n script_xref(name:\"FEDORA\", value:\"2016-2df27a2224\");\n\n script_name(english:\"Fedora 25 : ghostscript (2016-2df27a2224)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a rebase of **ghostscript** package, to address several\nsecurity issues :\n\n - [CVE-2016-7977\n ](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) -\n *.libfile does not honor -dSAFER*\n\n -\n [CVE-2013-5653](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1380327) - *getenv and filenameforall ignore\n -dSAFER*\n\n -\n [CVE-2016-7976](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382294) - *various userparams allow %pipe% in\n paths, allowing remote shell*\n\n -\n [CVE-2016-7978](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382300) - *reference leak in .setdevice allows\n use-after-free and remote code*\n\n -\n [CVE-2016-7979](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382305) - *Type confusion in .initialize_dsc_parser\n allows remote code execution*\n\n----------- #### INFORMATION FOR FEDORA PACKAGERS & MAINTAINERS :\n\n**ghostscript** has been rebased to latest upstream version (9.20).\nRebase notes :\n\n - **no API/ABI changes between versions 9.16 -> 9.20\n according to upstream**\n\n - *OpenJPEG* support has been retained\n\n - *ijs-config* custom tool from upstream has been\n *removed* (by upstream) (*pkg-config* is used by default\n now instead, see [commit\n 0c176a9](http://git.ghostscript.com/?p=ghostpdl.git;h=0c\n 176a91d53c85cda))\n\n - some patches were updated to 'git format-patch' format &\n renamed\n\n - rest of the patches were deleted (irrelevant for current\n version), mostly because upstream has fixed those issues\n in some way\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-2df27a2224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382305\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"ghostscript-9.20-2.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:39", "description": "This is a rebase of **ghostscript** package, to address several security issues :\n\n - [CVE-2016-7977 ](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) -\n *.libfile does not honor -dSAFER*\n\n - [CVE-2013-5653](https://bugzilla.redhat.com/show_bug.cgi ?id=1380327) - *getenv and filenameforall ignore\n -dSAFER*\n\n - [CVE-2016-7976](https://bugzilla.redhat.com/show_bug.cgi ?id=1382294) - *various userparams allow %pipe% in paths, allowing remote shell*\n\n - [CVE-2016-7978](https://bugzilla.redhat.com/show_bug.cgi ?id=1382300) - *reference leak in .setdevice allows use-after-free and remote code*\n\n - [CVE-2016-7979](https://bugzilla.redhat.com/show_bug.cgi ?id=1382305) - *Type confusion in .initialize_dsc_parser allows remote code execution*\n\n----------- #### INFORMATION FOR FEDORA PACKAGERS & MAINTAINERS :\n\n**ghostscript** has been rebased to latest upstream version (9.20).\nRebase notes :\n\n - **no API/ABI changes between versions 9.16 -> 9.20 according to upstream**\n\n - *OpenJPEG* support has been retained\n\n - *ijs-config* custom tool from upstream has been\n *removed* (by upstream) (*pkg-config* is used by default now instead, see [commit 0c176a9](http://git.ghostscript.com/?p=ghostpdl.git;h=0c 176a91d53c85cda))\n\n - some patches were updated to 'git format-patch' format & renamed\n\n - rest of the patches were deleted (irrelevant for current version), mostly because upstream has fixed those issues in some way\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-19T00:00:00", "type": "nessus", "title": "Fedora 23 : ghostscript (2016-1c13825502)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-1C13825502.NASL", "href": "https://www.tenable.com/plugins/nessus/94119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-1c13825502.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94119);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-5653\", \"CVE-2016-7976\", \"CVE-2016-7977\", \"CVE-2016-7978\", \"CVE-2016-7979\");\n script_xref(name:\"FEDORA\", value:\"2016-1c13825502\");\n\n script_name(english:\"Fedora 23 : ghostscript (2016-1c13825502)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a rebase of **ghostscript** package, to address several\nsecurity issues :\n\n - [CVE-2016-7977\n ](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) -\n *.libfile does not honor -dSAFER*\n\n -\n [CVE-2013-5653](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1380327) - *getenv and filenameforall ignore\n -dSAFER*\n\n -\n [CVE-2016-7976](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382294) - *various userparams allow %pipe% in\n paths, allowing remote shell*\n\n -\n [CVE-2016-7978](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382300) - *reference leak in .setdevice allows\n use-after-free and remote code*\n\n -\n [CVE-2016-7979](https://bugzilla.redhat.com/show_bug.cgi\n ?id=1382305) - *Type confusion in .initialize_dsc_parser\n allows remote code execution*\n\n----------- #### INFORMATION FOR FEDORA PACKAGERS & MAINTAINERS :\n\n**ghostscript** has been rebased to latest upstream version (9.20).\nRebase notes :\n\n - **no API/ABI changes between versions 9.16 -> 9.20\n according to upstream**\n\n - *OpenJPEG* support has been retained\n\n - *ijs-config* custom tool from upstream has been\n *removed* (by upstream) (*pkg-config* is used by default\n now instead, see [commit\n 0c176a9](http://git.ghostscript.com/?p=ghostpdl.git;h=0c\n 176a91d53c85cda))\n\n - some patches were updated to 'git format-patch' format &\n renamed\n\n - rest of the patches were deleted (irrelevant for current\n version), mostly because upstream has fixed those issues\n in some way\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-1c13825502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1380415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1382305\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"ghostscript-9.20-2.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-24T21:44:50", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are affected by multiple vulnerabilities:\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. (CVE-2018-11645)\n\n - A flaw was found in ghostscript, versions 9.x before 9.28, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. (CVE-2019-14813)\n\n - A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. (CVE-2019-14811)\n\n - A flaw was found in, ghostscript versions prior to 9.28, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. (CVE-2019-14817)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0203)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2018-11645", "CVE-2019-10216", "CVE-2019-14811", "CVE-2019-14812", "CVE-2019-14813", "CVE-2019-14817"], "modified": "2021-07-05T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0203_GHOSTSCRIPT.NASL", "href": "https://www.tenable.com/plugins/nessus/129908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0203. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129908);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/05\");\n\n script_cve_id(\n \"CVE-2018-11645\",\n \"CVE-2019-10216\",\n \"CVE-2019-14811\",\n \"CVE-2019-14812\",\n \"CVE-2019-14813\",\n \"CVE-2019-14817\"\n );\n script_xref(name:\"IAVB\", value:\"2019-B-0081-S\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0203)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are\naffected by multiple vulnerabilities:\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1\n permits the status command even if -dSAFER is used,\n which might allow remote attackers to determine the\n existence and size of arbitrary files, a similar issue\n to CVE-2016-7977. (CVE-2018-11645)\n\n - A flaw was found in ghostscript, versions 9.x before\n 9.28, in the setsystemparams procedure where it did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. A specially crafted\n PostScript file could disable security protection and\n then have access to the file system, or execute\n arbitrary commands. (CVE-2019-14813)\n\n - A flaw was found in, ghostscript versions prior to 9.28,\n in the .pdf_hook_DSC_Creator procedure where it did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. A specially crafted\n PostScript file could disable security protection and\n then have access to the file system, or execute\n arbitrary commands. (CVE-2019-14811)\n\n - A flaw was found in, ghostscript versions prior to 9.28,\n in the .pdfexectoken and other procedures where it did\n not properly secure its privileged calls, enabling\n scripts to bypass `-dSAFER` restrictions. A specially\n crafted PostScript file could disable security\n protection and then have access to the file system, or\n execute arbitrary commands. (CVE-2019-14817)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0203\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL ghostscript packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14813\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"ghostscript-9.25-2.el7_7.2\",\n \"ghostscript-cups-9.25-2.el7_7.2\",\n \"ghostscript-debuginfo-9.25-2.el7_7.2\",\n \"ghostscript-doc-9.25-2.el7_7.2\",\n \"ghostscript-gtk-9.25-2.el7_7.2\",\n \"libgs-9.25-2.el7_7.2\",\n \"libgs-devel-9.25-2.el7_7.2\"\n ],\n \"CGSL MAIN 5.04\": [\n \"ghostscript-9.25-2.el7_7.2\",\n \"ghostscript-cups-9.25-2.el7_7.2\",\n \"ghostscript-debuginfo-9.25-2.el7_7.2\",\n \"ghostscript-doc-9.25-2.el7_7.2\",\n \"ghostscript-gtk-9.25-2.el7_7.2\",\n \"libgs-9.25-2.el7_7.2\",\n \"libgs-devel-9.25-2.el7_7.2\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-24T21:39:17", "description": "According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.(CVE-2018-11645)\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.(CVE-2016-7976)\n\n - A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14811)\n\n - A flaw was found in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14812)\n\n - A flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14813)\n\n - A flaw was found in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14817)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-2151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7976", "CVE-2016-7977", "CVE-2018-11645", "CVE-2019-14811", "CVE-2019-14812", "CVE-2019-14813", "CVE-2019-14817"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ghostscript", "p-cpe:/a:huawei:euleros:ghostscript-cups", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2151.NASL", "href": "https://www.tenable.com/plugins/nessus/130860", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130860);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2016-7976\",\n \"CVE-2018-11645\",\n \"CVE-2019-14811\",\n \"CVE-2019-14812\",\n \"CVE-2019-14813\",\n \"CVE-2019-14817\"\n );\n script_xref(name:\"IAVB\", value:\"2019-B-0081-S\");\n\n script_name(english:\"EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-2151)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ghostscript packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1\n permits the status command even if -dSAFER is used,\n which might allow remote attackers to determine the\n existence and size of arbitrary files, a similar issue\n to CVE-2016-7977.(CVE-2018-11645)\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows\n remote attackers to execute arbitrary code via crafted\n userparams.(CVE-2016-7976)\n\n - A flaw was found in, ghostscript versions prior to\n 9.28, in the .pdf_hook_DSC_Creator procedure where it\n did not properly secure its privileged calls, enabling\n scripts to bypass `-dSAFER` restrictions. A specially\n crafted PostScript file could disable security\n protection and then have access to the file system, or\n execute arbitrary commands.(CVE-2019-14811)\n\n - A flaw was found in the .setuserparams2 procedure where\n it did not properly secure its privileged calls,\n enabling scripts to bypass `-dSAFER` restrictions. A\n specially crafted PostScript file could disable\n security protection and then have access to the file\n system, or execute arbitrary commands.(CVE-2019-14812)\n\n - A flaw was found in the setsystemparams procedure where\n it did not properly secure its privileged calls,\n enabling scripts to bypass `-dSAFER` restrictions. A\n specially crafted PostScript file could disable\n security protection and then have access to the file\n system, or execute arbitrary commands.(CVE-2019-14813)\n\n - A flaw was found in the .pdfexectoken and other\n procedures where it did not properly secure its\n privileged calls, enabling scripts to bypass `-dSAFER`\n restrictions. A specially crafted PostScript file could\n disable security protection and then have access to the\n file system, or execute arbitrary\n commands.(CVE-2019-14817)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2151\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9efc15d0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ghostscript packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ghostscript-9.07-31.6.h8.eulerosv2r7\",\n \"ghostscript-cups-9.07-31.6.h8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-24T21:38:05", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ghostscript packages installed that are affected by multiple vulnerabilities:\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. (CVE-2018-11645)\n\n - It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.\n (CVE-2019-10216)\n\n - A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. (CVE-2019-14813)\n\n - A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. (CVE-2019-14812)\n\n - A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. (CVE-2019-14811)\n\n - A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. (CVE-2019-14817)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7977", "CVE-2018-11645", "CVE-2019-10216", "CVE-2019-14811", "CVE-2019-14812", "CVE-2019-14813", "CVE-2019-14817"], "modified": "2021-07-05T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0250_GHOSTSCRIPT.NASL", "href": "https://www.tenable.com/plugins/nessus/132453", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0250. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132453);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/05\");\n\n script_cve_id(\n \"CVE-2018-11645\",\n \"CVE-2019-10216\",\n \"CVE-2019-14811\",\n \"CVE-2019-14812\",\n \"CVE-2019-14813\",\n \"CVE-2019-14817\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ghostscript packages installed that are\naffected by multiple vulnerabilities:\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1\n permits the status command even if -dSAFER is used,\n which might allow remote attackers to determine the\n existence and size of arbitrary files, a similar issue\n to CVE-2016-7977. (CVE-2018-11645)\n\n - It was found that the .buildfont1 procedure did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. An attacker could\n abuse this flaw by creating a specially crafted\n PostScript file that could escalate privileges and\n access files outside of restricted areas.\n (CVE-2019-10216)\n\n - A flaw was found in ghostscript, versions 9.x before\n 9.50, in the setsystemparams procedure where it did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. A specially crafted\n PostScript file could disable security protection and\n then have access to the file system, or execute\n arbitrary commands. (CVE-2019-14813)\n\n - A flaw was found in all ghostscript versions 9.x before\n 9.50, in the .setuserparams2 procedure where it did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. A specially crafted\n PostScript file could disable security protection and\n then have access to the file system, or execute\n arbitrary commands. (CVE-2019-14812)\n\n - A flaw was found in, ghostscript versions prior to 9.50,\n in the .pdf_hook_DSC_Creator procedure where it did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. A specially crafted\n PostScript file could disable security protection and\n then have access to the file system, or execute\n arbitrary commands. (CVE-2019-14811)\n\n - A flaw was found in, ghostscript versions prior to 9.50,\n in the .pdfexectoken and other procedures where it did\n not properly secure its privileged calls, enabling\n scripts to bypass `-dSAFER` restrictions. A specially\n crafted PostScript file could disable security\n protection and then have access to the file system, or\n execute arbitrary commands. (CVE-2019-14817)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL ghostscript packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14813\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"ghostscript-9.25-2.el7_7.2\",\n \"ghostscript-cups-9.25-2.el7_7.2\",\n \"ghostscript-debuginfo-9.25-2.el7_7.2\",\n \"ghostscript-doc-9.25-2.el7_7.2\",\n \"ghostscript-gtk-9.25-2.el7_7.2\",\n \"libgs-9.25-2.el7_7.2\",\n \"libgs-devel-9.25-2.el7_7.2\"\n ],\n \"CGSL MAIN 5.05\": [\n \"ghostscript-9.25-2.el7_7.2\",\n \"ghostscript-cups-9.25-2.el7_7.2\",\n \"ghostscript-debuginfo-9.25-2.el7_7.2\",\n \"ghostscript-doc-9.25-2.el7_7.2\",\n \"ghostscript-gtk-9.25-2.el7_7.2\",\n \"libgs-9.25-2.el7_7.2\",\n \"libgs-devel-9.25-2.el7_7.2\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-13T15:15:18", "description": "According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.(CVE-2017-7976)\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.(CVE-2018-11645)\n\n - The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.(CVE-2017-9727)\n\n - The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.(CVE-2017-9612)\n\n - The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.(CVE-2017-9739)\n\n - The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.(CVE-2017-9726)\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.(CVE-2016-7976)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-04-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2021-1788)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7976", "CVE-2016-7977", "CVE-2017-7976", "CVE-2017-9612", "CVE-2017-9726", "CVE-2017-9727", "CVE-2017-9739", "CVE-2018-11645"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ghostscript", "p-cpe:/a:huawei:euleros:ghostscript-cups", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1788.NASL", "href": "https://www.tenable.com/plugins/nessus/149171", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149171);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2016-7976\",\n \"CVE-2017-7976\",\n \"CVE-2017-9612\",\n \"CVE-2017-9726\",\n \"CVE-2017-9727\",\n \"CVE-2017-9739\",\n \"CVE-2018-11645\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2021-1788)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ghostscript packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Artifex jbig2dec 0.13 allows out-of-bounds writes and\n reads because of an integer overflow in the\n jbig2_image_compose function in jbig2_image.c during\n operations on a crafted .jb2 file, leading to a denial\n of service (application crash) or disclosure of\n sensitive information from process\n memory.(CVE-2017-7976)\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1\n permits the status command even if -dSAFER is used,\n which might allow remote attackers to determine the\n existence and size of arbitrary files, a similar issue\n to CVE-2016-7977.(CVE-2018-11645)\n\n - The gx_ttfReader__Read function in base/gxttfb.c in\n Artifex Ghostscript GhostXPS 9.21 allows remote\n attackers to cause a denial of service (heap-based\n buffer over-read and application crash) or possibly\n have unspecified other impact via a crafted\n document.(CVE-2017-9727)\n\n - The Ins_IP function in base/ttinterp.c in Artifex\n Ghostscript GhostXPS 9.21 allows remote attackers to\n cause a denial of service (use-after-free and\n application crash) or possibly have unspecified other\n impact via a crafted document.(CVE-2017-9612)\n\n - The Ins_JMPR function in base/ttinterp.c in Artifex\n Ghostscript GhostXPS 9.21 allows remote attackers to\n cause a denial of service (heap-based buffer over-read\n and application crash) or possibly have unspecified\n other impact via a crafted document.(CVE-2017-9739)\n\n - The Ins_MDRP function in base/ttinterp.c in Artifex\n Ghostscript GhostXPS 9.21 allows remote attackers to\n cause a denial of service (heap-based buffer over-read\n and application crash) or possibly have unspecified\n other impact via a crafted document.(CVE-2017-9726)\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows\n remote attackers to execute arbitrary code via crafted\n userparams.(CVE-2016-7976)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1788\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c282bb7d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ghostscript packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-9739\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-7976\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ghostscript-9.07-31.6.h23\",\n \"ghostscript-cups-9.07-31.6.h23\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-22T21:05:29", "description": "According to the versions of the ghostscript package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.(CVE-2016-7976)\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.(CVE-2018-11645)\n\n - A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14817)\n\n - A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14813)\n\n - A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14812)\n\n - A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14811)\n\n - libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c.\n For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.(CVE-2017-9216)\n\n - Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.(CVE-2017-7975)\n\n - Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.(CVE-2017-7885)\n\n - Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.(CVE-2017-7976)\n\n - A heap based buffer overflow was found in the ghostscript jbig2_decode_gray_scale_image() function used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.(CVE-2016-9601)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : ghostscript (EulerOS-SA-2020-1240)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7976", "CVE-2016-7977", "CVE-2016-9601", "CVE-2017-7885", "CVE-2017-7975", "CVE-2017-7976", "CVE-2017-9216", "CVE-2018-11645", "CVE-2019-14811", "CVE-2019-14812", "CVE-2019-14813", "CVE-2019-14817"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ghostscript", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1240.NASL", "href": "https://www.tenable.com/plugins/nessus/134529", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134529);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2016-7976\",\n \"CVE-2016-9601\",\n \"CVE-2017-7885\",\n \"CVE-2017-7975\",\n \"CVE-2017-7976\",\n \"CVE-2017-9216\",\n \"CVE-2018-11645\",\n \"CVE-2019-14811\",\n \"CVE-2019-14812\",\n \"CVE-2019-14813\",\n \"CVE-2019-14817\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : ghostscript (EulerOS-SA-2020-1240)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ghostscript package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows\n remote attackers to execute arbitrary code via crafted\n userparams.(CVE-2016-7976)\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1\n permits the status command even if -dSAFER is used,\n which might allow remote attackers to determine the\n existence and size of arbitrary files, a similar issue\n to CVE-2016-7977.(CVE-2018-11645)\n\n - A flaw was found in, ghostscript versions prior to\n 9.50, in the .pdfexectoken and other procedures where\n it did not properly secure its privileged calls,\n enabling scripts to bypass `-dSAFER` restrictions. A\n specially crafted PostScript file could disable\n security protection and then have access to the file\n system, or execute arbitrary commands.(CVE-2019-14817)\n\n - A flaw was found in ghostscript, versions 9.x before\n 9.50, in the setsystemparams procedure where it did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. A specially crafted\n PostScript file could disable security protection and\n then have access to the file system, or execute\n arbitrary commands.(CVE-2019-14813)\n\n - A flaw was found in all ghostscript versions 9.x before\n 9.50, in the .setuserparams2 procedure where it did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. A specially crafted\n PostScript file could disable security protection and\n then have access to the file system, or execute\n arbitrary commands.(CVE-2019-14812)\n\n - A flaw was found in, ghostscript versions prior to\n 9.50, in the .pdf_hook_DSC_Creator procedure where it\n did not properly secure its privileged calls, enabling\n scripts to bypass `-dSAFER` restrictions. A specially\n crafted PostScript file could disable security\n protection and then have access to the file system, or\n execute arbitrary commands.(CVE-2019-14811)\n\n - libjbig2dec.a in Artifex jbig2dec 0.13, as used in\n MuPDF and Ghostscript, has a NULL pointer dereference\n in the jbig2_huffman_get function in jbig2_huffman.c.\n For example, the jbig2dec utility will crash\n (segmentation fault) when parsing an invalid\n file.(CVE-2017-9216)\n\n - Artifex jbig2dec 0.13, as used in Ghostscript, allows\n out-of-bounds writes because of an integer overflow in\n the jbig2_build_huffman_table function in\n jbig2_huffman.c during operations on a crafted JBIG2\n file, leading to a denial of service (application\n crash) or possibly execution of arbitrary\n code.(CVE-2017-7975)\n\n - Artifex jbig2dec 0.13 has a heap-based buffer over-read\n leading to denial of service (application crash) or\n disclosure of sensitive information from process\n memory, because of an integer overflow in the\n jbig2_decode_symbol_dict function in\n jbig2_symbol_dict.c in libjbig2dec.a during operation\n on a crafted .jb2 file.(CVE-2017-7885)\n\n - Artifex jbig2dec 0.13 allows out-of-bounds writes and\n reads because of an integer overflow in the\n jbig2_image_compose function in jbig2_image.c during\n operations on a crafted .jb2 file, leading to a denial\n of service (application crash) or disclosure of\n sensitive information from process\n memory.(CVE-2017-7976)\n\n - A heap based buffer overflow was found in the\n ghostscript jbig2_decode_gray_scale_image() function\n used to decode halftone segments in a JBIG2 image. A\n document (PostScript or PDF) with an embedded,\n specially crafted, jbig2 image could trigger a\n segmentation fault in ghostscript.(CVE-2016-9601)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1240\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3729b760\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ghostscript packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ghostscript-9.07-31.6.h10\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-22T21:04:37", "description": "According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.(CVE-2016-7976)\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.(CVE-2018-11645)\n\n - A flaw was found in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14817)\n\n - A flaw was found in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14813)\n\n - A flaw was found in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14812)\n\n - A flaw was found in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.(CVE-2019-14811)\n\n - libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c.\n For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.(CVE-2017-9216)\n\n - Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.(CVE-2017-7975)\n\n - Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.(CVE-2017-7885)\n\n - Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.(CVE-2017-7976)\n\n - ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.(CVE-2016-9601)\n\n - In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.(CVE-2018-19478)\n\n - It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.(CVE-2019-10216)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-16T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : ghostscript (EulerOS-SA-2020-1499)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7976", "CVE-2016-7977", "CVE-2016-9601", "CVE-2017-7885", "CVE-2017-7975", "CVE-2017-7976", "CVE-2017-9216", "CVE-2018-11645", "CVE-2018-19478", "CVE-2019-10216", "CVE-2019-14811", "CVE-2019-14812", "CVE-2019-14813", "CVE-2019-14817"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ghostscript", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2020-1499.NASL", "href": "https://www.tenable.com/plugins/nessus/135661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135661);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2016-7976\",\n \"CVE-2016-9601\",\n \"CVE-2017-7885\",\n \"CVE-2017-7975\",\n \"CVE-2017-7976\",\n \"CVE-2017-9216\",\n \"CVE-2018-11645\",\n \"CVE-2018-19478\",\n \"CVE-2019-10216\",\n \"CVE-2019-14811\",\n \"CVE-2019-14812\",\n \"CVE-2019-14813\",\n \"CVE-2019-14817\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : ghostscript (EulerOS-SA-2020-1499)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ghostscript package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The PS Interpreter in Ghostscript 9.18 and 9.20 allows\n remote attackers to execute arbitrary code via crafted\n userparams.(CVE-2016-7976)\n\n - psi/zfile.c in Artifex Ghostscript before 9.21rc1\n permits the status command even if -dSAFER is used,\n which might allow remote attackers to determine the\n existence and size of arbitrary files, a similar issue\n to CVE-2016-7977.(CVE-2018-11645)\n\n - A flaw was found in the .pdfexectoken and other\n procedures where it did not properly secure its\n privileged calls, enabling scripts to bypass `-dSAFER`\n restrictions. A specially crafted PostScript file could\n disable security protection and then have access to the\n file system, or execute arbitrary\n commands.(CVE-2019-14817)\n\n - A flaw was found in the setsystemparams procedure where\n it did not properly secure its privileged calls,\n enabling scripts to bypass `-dSAFER` restrictions. A\n specially crafted PostScript file could disable\n security protection and then have access to the file\n system, or execute arbitrary commands.(CVE-2019-14813)\n\n - A flaw was found in the .setuserparams2 procedure where\n it did not properly secure its privileged calls,\n enabling scripts to bypass `-dSAFER` restrictions. A\n specially crafted PostScript file could disable\n security protection and then have access to the file\n system, or execute arbitrary commands.(CVE-2019-14812)\n\n - A flaw was found in the .pdf_hook_DSC_Creator procedure\n where it did not properly secure its privileged calls,\n enabling scripts to bypass `-dSAFER` restrictions. A\n specially crafted PostScript file could disable\n security protection and then have access to the file\n system, or execute arbitrary commands.(CVE-2019-14811)\n\n - libjbig2dec.a in Artifex jbig2dec 0.13, as used in\n MuPDF and Ghostscript, has a NULL pointer dereference\n in the jbig2_huffman_get function in jbig2_huffman.c.\n For example, the jbig2dec utility will crash\n (segmentation fault) when parsing an invalid\n file.(CVE-2017-9216)\n\n - Artifex jbig2dec 0.13, as used in Ghostscript, allows\n out-of-bounds writes because of an integer overflow in\n the jbig2_build_huffman_table function in\n jbig2_huffman.c during operations on a crafted JBIG2\n file, leading to a denial of service (application\n crash) or possibly execution of arbitrary\n code.(CVE-2017-7975)\n\n - Artifex jbig2dec 0.13 has a heap-based buffer over-read\n leading to denial of service (application crash) or\n disclosure of sensitive information from process\n memory, because of an integer overflow in the\n jbig2_decode_symbol_dict function in\n jbig2_symbol_dict.c in libjbig2dec.a during operation\n on a crafted .jb2 file.(CVE-2017-7885)\n\n - Artifex jbig2dec 0.13 allows out-of-bounds writes and\n reads because of an integer overflow in the\n jbig2_image_compose function in jbig2_image.c during\n operations on a crafted .jb2 file, leading to a denial\n of service (application crash) or disclosure of\n sensitive information from process\n memory.(CVE-2017-7976)\n\n - ghostscript before version 9.21 is vulnerable to a heap\n based buffer overflow that was found in the ghostscript\n jbig2_decode_gray_scale_image function which is used to\n decode halftone segments in a JBIG2 image. A document\n (PostScript or PDF) with an embedded, specially\n crafted, jbig2 image could trigger a segmentation fault\n in ghostscript.(CVE-2016-9601)\n\n - In Artifex Ghostscript before 9.26, a carefully crafted\n PDF file can trigger an extremely long running\n computation when parsing the file.(CVE-2018-19478)\n\n - It was found that the .buildfont1 procedure did not\n properly secure its privileged calls, enabling scripts\n to bypass `-dSAFER` restrictions. An attacker could\n abuse this flaw by creating a specially crafted\n PostScript file that could escalate privileges and\n access files outside of restricted\n areas.(CVE-2019-10216)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1499\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce7df4f5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ghostscript packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ghostscript-9.07-31.6.h13.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-07T23:34:21", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: ghostscript-9.20-5.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2016-11-07T23:34:21", "id": "FEDORA:DCA23608A1F6", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QAX3YEE2SS5UUT4SRP4SJEIC4UUOPPUT/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-19T21:46:37", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: ghostscript-9.20-4.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977", "CVE-2016-8602"], "modified": "2016-11-19T21:46:37", "id": "FEDORA:8294F6042B20", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HBEDHHGKZP4TJOWBL2RD44K42LF4NYEU/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-18T11:44:47", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: ghostscript-9.20-2.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979"], "modified": "2016-10-18T11:44:47", "id": "FEDORA:57490608BFE3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2R76LGAVUISASDAGAG2YYJ4FFPTDP6UG/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-18T15:58:55", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: ghostscript-9.20-2.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979"], "modified": "2016-10-18T15:58:55", "id": "FEDORA:ED16260620D6", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QI4PWI7OY3FHLZ2FO5WSSYQQMLWMW6KL/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-19T06:23:11", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: ghostscript-9.20-2.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979"], "modified": "2016-10-19T06:23:11", "id": "FEDORA:DBE56606E607", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DGWZQR5LZ2KBIKC4NTGQEBUQTE4LIBEJ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:27:38", "description": "**Issue Overview:**\n\nIt was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\nIt was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\nIt was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)\n\n \n**Affected Packages:** \n\n\nghostscript\n\n \n**Issue Correction:** \nRun _yum update ghostscript_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 ghostscript-doc-8.70-21.1.24.amzn1.i686 \n \u00a0\u00a0\u00a0 ghostscript-devel-8.70-21.1.24.amzn1.i686 \n \u00a0\u00a0\u00a0 ghostscript-8.70-21.1.24.amzn1.i686 \n \u00a0\u00a0\u00a0 ghostscript-debuginfo-8.70-21.1.24.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 ghostscript-8.70-21.1.24.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 ghostscript-doc-8.70-21.1.24.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ghostscript-devel-8.70-21.1.24.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ghostscript-debuginfo-8.70-21.1.24.amzn1.x86_64 \n \u00a0\u00a0\u00a0 ghostscript-8.70-21.1.24.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-10T18:00:00", "type": "amazon", "title": "Medium: ghostscript", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2017-01-10T18:00:00", "id": "ALAS-2017-784", "href": "https://alas.aws.amazon.com/ALAS-2017-784.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2019-04-30T18:21:10", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP AAM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP ASM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP DNS| None| 13.0.0 \n12.0.0 - 12.1.2| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP Link Controller| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP PEM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1| Not vulnerable| None \nBIG-IP WebSafe| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.2.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.2.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.2| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-14T00:37:00", "type": "f5", "title": "GhostScript vulnerabilities CVE-2013-5653, CVE-2016-7977, CVE-2016-7979, and CVE-2016-8602", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2017-06-14T00:37:00", "id": "F5:K30552262", "href": "https://support.f5.com/csp/article/K30552262", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:56", "description": "[8.70-21_1]\n- Added security fixes for:\n - CVE-2013-5653 (bug #1380327)\n - CVE-2016-7977 (bug #1380415)\n - CVE-2016-7979 (bug #1382305)\n - CVE-2016-8602 (bug #1383940)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-04T00:00:00", "type": "oraclelinux", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2017-01-04T00:00:00", "id": "ELSA-2017-0014", "href": "http://linux.oracle.com/errata/ELSA-2017-0014.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:25:14", "description": "[9.07-20_1]\n- Added security fixes for:\n - CVE-2013-5653 (bug #1380327)\n - CVE-2016-7977 (bug #1380415)\n - CVE-2016-7978 (bug #1382300)\n - CVE-2016-7979 (bug #1382305)\n - CVE-2016-8602 (bug #1383940)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-04T00:00:00", "type": "oraclelinux", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2017-01-04T00:00:00", "id": "ELSA-2017-0013", "href": "http://linux.oracle.com/errata/ELSA-2017-0013.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:26", "description": "[9.07-28]\n- Security fix for CVE-2017-8291 updated to address SIGSEGV\n[9.07-27]\n- Added security fix for CVE-2017-8291 (bug #1446063)\n[9.07-26]\n- Updated requirements for lcms2 to avoid possible issues in the future\n[9.07-25]\n- Added security fix for CVE-2017-7207 (bug #1434353)\n- Added explicit requirement for lcms2 version we are build with (bug #1436273)\n[9.07-24]\n- Fix infinite 'for' loop in gdevp14.c file (bug #1424752)\n[9.07-23]\n- Fix for regression caused by previous CVE fixes (bug #1411725)\n[9.07-22]\n- Fix of SIGSEGV in cid_font_data_param when using ps2pdf (bug #1390847)\n[9.07-21]\n- Added security fixes for:\n - CVE-2013-5653 (bug #1380327)\n - CVE-2016-7977 (bug #1380415)\n - CVE-2016-7978 (bug #1382300)\n - CVE-2016-7979 (bug #1382305)\n - CVE-2016-8602 (bug #1383940)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-07T00:00:00", "type": "oraclelinux", "title": "ghostscript security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602", "CVE-2017-7207", "CVE-2017-8291"], "modified": "2017-08-07T00:00:00", "id": "ELSA-2017-2180", "href": "http://linux.oracle.com/errata/ELSA-2017-2180.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:38:47", "description": "The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-04T09:03:43", "type": "redhat", "title": "(RHSA-2017:0014) Moderate: ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2018-06-06T16:24:28", "id": "RHSA-2017:0014", "href": "https://access.redhat.com/errata/RHSA-2017:0014", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:46:28", "description": "The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-04T09:03:32", "type": "redhat", "title": "(RHSA-2017:0013) Moderate: ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2018-04-11T23:32:43", "id": "RHSA-2017:0013", "href": "https://access.redhat.com/errata/RHSA-2017:0013", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T11:51:55", "description": "**CentOS Errata and Security Advisory** CESA-2017:0014\n\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2017-January/059110.html\n\n**Affected packages:**\nghostscript\nghostscript-devel\nghostscript-doc\nghostscript-gtk\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:0014", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-04T10:39:19", "type": "centos", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2017-01-04T10:39:19", "id": "CESA-2017:0014", "href": "https://lists.centos.org/pipermail/centos-announce/2017-January/059110.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T11:51:55", "description": "**CentOS Errata and Security Advisory** CESA-2017:0013\n\n\nThe Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.\n\nSecurity Fix(es):\n\n* It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)\n\n* It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. (CVE-2016-7978)\n\n* It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979)\n\n* It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2017-January/059111.html\n\n**Affected packages:**\nghostscript\nghostscript-cups\nghostscript-devel\nghostscript-doc\nghostscript-gtk\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:0013", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-04T10:40:05", "type": "centos", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2017-01-04T10:40:05", "id": "CESA-2017:0013", "href": "https://lists.centos.org/pipermail/centos-announce/2017-January/059111.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:05:33", "description": "### Background\n\nGhostscript is an interpreter for the PostScript language and for PDF.\n\n### Description\n\nMultiple vulnerabilities have been discovered in GPL Ghostscript and the bundled OpenJPEG. Please review the CVE identifiers and GLSA-201612-26 (OpenJPEG) referenced below for additional information. \n\nNote: GPL Ghostscript in Gentoo since app-text/ghostscript-gpl-9.20-r1 no longer bundles OpenJPEG. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GPL Ghostscript users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-text/ghostscript-gpl-9.20-r1\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-02-22T00:00:00", "type": "gentoo", "title": "GPL Ghostscript: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2017-02-22T00:00:00", "id": "GLSA-201702-31", "href": "https://security.gentoo.org/glsa/201702-31", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2022-06-29T01:58:25", "description": "## Summary\n\nPowerKVM is affected by vulnerabilities in ghostscript. IBM has now addressed these vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2013-5653_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5653>)** \nDESCRIPTION:** Ghostscript could allow a remote attacker to obtain sensitive information, caused by the failure to honor the -dSAFER option by the getenv and filenameforall function. A remote attacker could exploit this vulnerability using a specially-crafted document to read environment variable and list directory from the system. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/121090_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/121090>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n**CVEID:** [_CVE-2016-7977_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7977>)** \nDESCRIPTION:** Ghostscript could allow a remote attacker to obtain sensitive information, caused by the failure to check PermitFileReading array when using dSAFER sandbox. An attacker could exploit this vulnerability using .libfile to access arbitrary files on the file system. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117922_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117922>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [_CVE-2016-7978_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7978>)** \nDESCRIPTION:** Ghostscript could allow a remote attacker to execute arbitrary commands on the system, caused by a reference leak in .setdevice when using dSAFER sandbox. An attacker could exploit this vulnerability to trigger a use-after-free and execute arbitrary code on the system. \nCVSS Base Score: 8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117923_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117923>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L)\n\n**CVEID:** [_CVE-2016-7979_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7979>)** \nDESCRIPTION:** Ghostscript could allow a remote attacker to execute arbitrary commands on the system, caused by a type confusion in .initialize_dsc_parser when using dSAFER sandbox. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117924_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117924>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L)\n\n**CVEID:** [_CVE-2016-8602_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8602>)** \nDESCRIPTION:** Ghostscript could allow a remote attacker to execute arbitrary commands on the system, caused by a type confusion error in .sethalftone5 when using dSAFER sandbox. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117925_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117925>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L)\n\n## Affected Products and Versions\n\nPowerKVM 2.1 and PowerKVM 3.1\n\n## Remediation/Fixes\n\nCustomers can update PowerKVM systems by using \"yum update\". \n\nFix images are made available via Fix Central. For version 3.1, see [_https://ibm.biz/BdHggw_](<https://ibm.biz/BdHggw>). This issue is addressed as of 3.1.0.2 update 5 or later.\n\nFor version 2.1, see [_https://ibm.biz/BdEnT8_](<https://ibm.biz/BdEnT8>). This issue is addressed as of PowerKVM 2.1.1.3-65 update 15 or later. Customers running v2.1 are, in any case, encouraged to upgrade to v3.1. \n\nFor v2.1 systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n24 Jan 2017 - Initial Version\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSZJY4\",\"label\":\"PowerKVM\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.1;3.1\",\"Edition\":\"KVM\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T01:35:03", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Ghostscript affect PowerKVM", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2018-06-18T01:35:03", "id": "15979D359BB848CC1BFF0D3C139D27D860BC5601AF65EB49057BAC8F1882FE0C", "href": "https://www.ibm.com/support/pages/node/630615", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:45:33", "description": "The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows\nremote attackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a crafted Postscript document that\ncalls .sethalftone5 with an empty operand stack.\n\n#### Bugs\n\n * <http://bugs.ghostscript.com/show_bug.cgi?id=697203>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840451>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-12T00:00:00", "type": "ubuntucve", "title": "CVE-2016-8602", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8602"], "modified": "2016-10-12T00:00:00", "id": "UB:CVE-2016-8602", "href": "https://ubuntu.com/security/CVE-2016-8602", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:45:38", "description": "Ghostscript before 9.21 might allow remote attackers to bypass the SAFER\nmode protection mechanism and consequently read arbitrary files via the use\nof the .libfile operator in a crafted postscript document.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839841>\n * <http://bugs.ghostscript.com/show_bug.cgi?id=697169>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-10-06T00:00:00", "type": "ubuntucve", "title": "CVE-2016-7977", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977"], "modified": "2016-10-06T00:00:00", "id": "UB:CVE-2016-7977", "href": "https://ubuntu.com/security/CVE-2016-7977", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "redhatcve": [{"lastseen": "2021-09-02T22:53:04", "description": "It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-14T13:47:23", "type": "redhatcve", "title": "CVE-2016-8602", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8602"], "modified": "2020-08-18T08:49:05", "id": "RH:CVE-2016-8602", "href": "https://access.redhat.com/security/cve/cve-2016-8602", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:53:09", "description": "It was found that ghostscript function .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could, in the context of the gs process, retrieve file content on the target machine.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-10-06T08:47:36", "type": "redhatcve", "title": "CVE-2016-7977", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977"], "modified": "2020-08-18T08:48:53", "id": "RH:CVE-2016-7977", "href": "https://access.redhat.com/security/cve/cve-2016-7977", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2022-04-23T03:32:19", "description": "The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-04-14T18:59:00", "type": "debiancve", "title": "CVE-2016-8602", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8602"], "modified": "2017-04-14T18:59:00", "id": "DEBIANCVE:CVE-2016-8602", "href": "https://security-tracker.debian.org/tracker/CVE-2016-8602", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-23T03:32:19", "description": "Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-05-23T04:29:00", "type": "debiancve", "title": "CVE-2016-7977", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977"], "modified": "2017-05-23T04:29:00", "id": "DEBIANCVE:CVE-2016-7977", "href": "https://security-tracker.debian.org/tracker/CVE-2016-7977", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-23T03:32:20", "description": "psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-01T12:29:00", "type": "debiancve", "title": "CVE-2018-11645", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977", "CVE-2018-11645"], "modified": "2018-06-01T12:29:00", "id": "DEBIANCVE:CVE-2018-11645", "href": "https://security-tracker.debian.org/tracker/CVE-2018-11645", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T15:55:39", "description": "The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-04-14T18:59:00", "type": "cve", "title": "CVE-2016-8602", "cwe": ["CWE-704"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8602"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:artifex:ghostscript:9.20"], "id": "CVE-2016-8602", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8602", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:artifex:ghostscript:9.20:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T15:28:10", "description": "Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-05-23T04:29:00", "type": "cve", "title": "CVE-2016-7977", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977"], "modified": "2018-01-18T18:18:00", "cpe": ["cpe:/a:artifex:ghostscript:9.20"], "id": "CVE-2016-7977", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7977", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:artifex:ghostscript:9.20:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:24:02", "description": "psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-01T12:29:00", "type": "cve", "title": "CVE-2018-11645", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7977", "CVE-2018-11645"], "modified": "2018-11-11T11:29:00", "cpe": ["cpe:/a:artifex:ghostscript:9.20"], "id": "CVE-2018-11645", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11645", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:artifex:ghostscript:9.20:*:*:*:*:*:*:*"]}], "debian": [{"lastseen": "2021-12-02T16:18:11", "description": "Package : ghostscript\nVersion : 9.05~dfsg-6.3+deb7u3\nCVE ID : CVE-2013-5653 CVE-2016-7976 CVE-2016-7977 CVE-2016-7978 \n CVE-2016-7979 CVE-2016-8602\nDebian Bug : 839118 839260 839841 839845 839846 840451\n\nSeveral vulnerabilities were discovered in Ghostscript, the GPL\nPostScript/PDF interpreter, which may lead to the execution of arbitrary\ncode or information disclosure if a specially crafted Postscript file is\nprocessed.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n9.05~dfsg-6.3+deb7u3.\n\nWe recommend that you upgrade your ghostscript packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-25T03:33:12", "type": "debian", "title": "[SECURITY] [DLA 674-1] ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2016-10-25T03:33:12", "id": "DEBIAN:DLA-674-1:A5970", "href": "https://lists.debian.org/debian-lts-announce/2016/10/msg00029.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T00:09:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3691-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nOctober 12, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : ghostscript\nCVE ID : CVE-2013-5653 CVE-2016-7976 CVE-2016-7977 CVE-2016-7978 \n CVE-2016-7979 CVE-2016-8602\nDebian Bug : 839118 839260 839841 839845 839846 840451\n\nSeveral vulnerabilities were discovered in Ghostscript, the GPL\nPostScript/PDF interpreter, which may lead to the execution of arbitrary\ncode or information disclosure if a specially crafted Postscript file is\nprocessed.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 9.06~dfsg-2+deb8u3.\n\nWe recommend that you upgrade your ghostscript packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-12T14:42:24", "type": "debian", "title": "[SECURITY] [DSA 3691-1] ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2016-10-12T14:42:24", "id": "DEBIAN:DSA-3691-1:07C6A", "href": "https://lists.debian.org/debian-security-announce/2016/msg00272.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T22:17:24", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3691-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nOctober 12, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : ghostscript\nCVE ID : CVE-2013-5653 CVE-2016-7976 CVE-2016-7977 CVE-2016-7978 \n CVE-2016-7979 CVE-2016-8602\nDebian Bug : 839118 839260 839841 839845 839846 840451\n\nSeveral vulnerabilities were discovered in Ghostscript, the GPL\nPostScript/PDF interpreter, which may lead to the execution of arbitrary\ncode or information disclosure if a specially crafted Postscript file is\nprocessed.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 9.06~dfsg-2+deb8u3.\n\nWe recommend that you upgrade your ghostscript packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-12T14:42:24", "type": "debian", "title": "[SECURITY] [DSA 3691-1] ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5653", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602"], "modified": "2016-10-12T14:42:24", "id": "DEBIAN:DSA-3691-1:BD2E4", "href": "https://lists.debian.org/debian-security-announce/2016/msg00272.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T12:20:31", "description": "Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript \nprocesses certain Postscript files. If a user or automated system were tricked \ninto opening a specially crafted file, an attacker could cause a denial of \nservice or possibly execute arbitrary code. (CVE-2016-7976, CVE-2016-7978, \nCVE-2016-7979, CVE-2016-8602)\n\nMultiple vulnerabilities were discovered in Ghostscript related to information \ndisclosure. If a user or automated system were tricked into opening a specially \ncrafted file, an attacker could expose sensitive data. (CVE-2013-5653, \nCVE-2016-7977)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-12-02T00:00:00", "type": "ubuntu", "title": "Ghostscript vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7979", "CVE-2016-7978", "CVE-2016-7976", "CVE-2016-7977", "CVE-2013-5653", "CVE-2016-8602"], "modified": "2016-12-02T00:00:00", "id": "USN-3148-1", "href": "https://ubuntu.com/security/notices/USN-3148-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-10-26T17:27:44", "description": "This update for ghostscript fixes the following issues:\n\n - CVE-2016-8602: Fixes a NULL dereference in .sethalftone5 (boo#1004237).\n - CVE-2013-5653, CVE-2016-7978, CVE-2016-7979: Fix multiple -dsafer\n related CVE's (boo#1001951).\n\n", "cvss3": {}, "published": "2016-10-26T18:06:44", "type": "suse", "title": "Security update for ghostscript (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7978", "CVE-2016-8602", "CVE-2013-5653"], "modified": "2016-10-26T18:06:44", "id": "OPENSUSE-SU-2016:2648-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00062.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2016-10-11T17:26:45", "description": "This update for ghostscript-library fixes the following issues:\n\n - Multiple security vulnerabilities have been discovered where\n ghostscript's &quot;-dsafer&quot; flag did not provide sufficient protection\n against unintended access to the file system. Thus, a machine that would\n process a specially crafted Postscript file would potentially leak\n sensitive information to an attacker. (CVE-2013-5653, CVE-2016-7977,\n bsc#1001951)\n\n - Insufficient validation of the type of input in .initialize_dsc_parser\n used to allow remote code execution. (CVE-2016-7979, bsc#1001951)\n\n - An integer overflow in the gs_heap_alloc_bytes function used to allow\n remote attackers to cause a denial of service (crash) via specially\n crafted Postscript files. (CVE-2015-3228, boo#939342)\n\n", "cvss3": {}, "published": "2016-10-11T18:09:48", "type": "suse", "title": "Security update for ghostscript-library (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-7979", "CVE-2016-7977", "CVE-2015-3228", "CVE-2013-5653"], "modified": "2016-10-11T18:09:48", "id": "SUSE-SU-2016:2493-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00019.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Various userparams in Ghostscript allow %pipe% in paths, allowing remote shell command execution (CVE-2016-7976). The .libfile function in Ghostscript doesn't check PermitFileReading array, allowing remote file disclosure (CVE-2016-7977). Reference leak in the .setdevice function in Ghostscript allows use-after-free and remote code execution (CVE-2016-7978). Type confusion in the .initialize_dsc_parser function in Ghostscript allows remote code execution (CVE-2016-7979). The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack (CVE-2016-8602). A heap based buffer overflow was found in the ghostscript jbig2_decode_gray_scale_image() function used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript (CVE-2016-9601). The pdf14_open function in base/gdevp14.c in Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module (CVE-2016-10217). The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file (CVE-2016-10218). The intersect function in base/gxfill.c in Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file (CVE-2016-10219). The gs_makewordimagedevice function in base/gsdevmem.c in Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module (CVE-2016-10220). The mem_get_bits_rectangle function in base/gdevmem.c in Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file (CVE-2017-5951). The mem_get_bits_rectangle function in Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document (CVE-2017-7207). Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a \"/OutputFile (%pipe%\" substring in a crafted .eps document that is an input to the gs program (CVE-2017-8291). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-07T22:16:00", "type": "mageia", "title": "Updated ghostscript packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10217", "CVE-2016-10218", "CVE-2016-10219", "CVE-2016-10220", "CVE-2016-7976", "CVE-2016-7977", "CVE-2016-7978", "CVE-2016-7979", "CVE-2016-8602", "CVE-2016-9601", "CVE-2017-5951", "CVE-2017-7207", "CVE-2017-8291"], "modified": "2017-05-07T22:16:00", "id": "MGASA-2017-0133", "href": "https://advisories.mageia.org/MGASA-2017-0133.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oracle": [{"lastseen": "2021-10-22T15:44:25", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\nCritical Patch Updates and Security Alerts for information about Oracle Security Advisories.\n\nThe January 2018 Critical Patch Update provides fixes for certain Oracle products for the Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities. Please refer to this Advisory and the [Addendum to the January 2018 Critical Patch Update Advisory for Spectre and Meltdown](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2347948.1>) MOS note (Doc ID 2347948.1).\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 238 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [January 2018 Critical Patch Update: Executive Summary and Analysis.](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2338411.1>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2018-01-16T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - January 2018", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6750", "CVE-2013-2566", "CVE-2014-0114", "CVE-2014-7817", "CVE-2014-9402", "CVE-2015-0293", "CVE-2015-1472", "CVE-2015-2808", "CVE-2015-3195", "CVE-2015-3253", "CVE-2015-4852", "CVE-2015-7501", "CVE-2015-7547", "CVE-2015-7940", "CVE-2016-0635", "CVE-2016-0703", "CVE-2016-0704", "CVE-2016-0800", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-2518", "CVE-2016-2550", "CVE-2016-4449", "CVE-2016-5385", "CVE-2016-5387", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6814", "CVE-2016-7052", "CVE-2016-7055", "CVE-2016-7977", "CVE-2016-8735", "CVE-2016-9878", "CVE-2017-0781", "CVE-2017-0782", "CVE-2017-0783", "CVE-2017-0785", "CVE-2017-10068", "CVE-2017-10262", "CVE-2017-10273", "CVE-2017-10282", "CVE-2017-10301", "CVE-2017-10352", "CVE-2017-12617", "CVE-2017-13077", "CVE-2017-13078", "CVE-2017-13079", "CVE-2017-13080", "CVE-2017-13081", "CVE-2017-13082", "CVE-2017-3731", "CVE-2017-3732", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738", "CVE-2017-5461", "CVE-2017-5645", "CVE-2017-5664", "CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-9072", "CVE-2017-9798", "CVE-2018-2560", "CVE-2018-2561", "CVE-2018-2562", "CVE-2018-2564", "CVE-2018-2565", "CVE-2018-2566", "CVE-2018-2567", "CVE-2018-2568", "CVE-2018-2569", "CVE-2018-2570", "CVE-2018-2571", "CVE-2018-2573", "CVE-2018-2574", "CVE-2018-2575", "CVE-2018-2576", "CVE-2018-2577", "CVE-2018-2578", "CVE-2018-2579", "CVE-2018-2580", "CVE-2018-2581", "CVE-2018-2582", "CVE-2018-2583", "CVE-2018-2584", "CVE-2018-2585", "CVE-2018-2586", "CVE-2018-2588", "CVE-2018-2589", "CVE-2018-2590", "CVE-2018-2591", "CVE-2018-2592", "CVE-2018-2593", "CVE-2018-2594", "CVE-2018-2595", "CVE-2018-2596", "CVE-2018-2597", "CVE-2018-2599", "CVE-2018-2600", "CVE-2018-2601", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2604", "CVE-2018-2605", "CVE-2018-2606", "CVE-2018-2607", "CVE-2018-2608", "CVE-2018-2609", "CVE-2018-2610", "CVE-2018-2611", "CVE-2018-2612", "CVE-2018-2613", "CVE-2018-2614", "CVE-2018-2615", "CVE-2018-2616", "CVE-2018-2617", "CVE-2018-2618", "CVE-2018-2619", "CVE-2018-2620", "CVE-2018-2621", "CVE-2018-2622", "CVE-2018-2623", "CVE-2018-2624", "CVE-2018-2625", "CVE-2018-2626", "CVE-2018-2627", "CVE-2018-2629", "CVE-2018-2630", "CVE-2018-2631", "CVE-2018-2632", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2635", "CVE-2018-2636", "CVE-2018-2637", "CVE-2018-2638", "CVE-2018-2639", "CVE-2018-2640", "CVE-2018-2641", "CVE-2018-2642", "CVE-2018-2643", "CVE-2018-2644", "CVE-2018-2645", "CVE-2018-2646", "CVE-2018-2647", "CVE-2018-2648", "CVE-2018-2649", "CVE-2018-2650", "CVE-2018-2651", "CVE-2018-2652", "CVE-2018-2653", "CVE-2018-2654", "CVE-2018-2655", "CVE-2018-2656", "CVE-2018-2657", "CVE-2018-2658", "CVE-2018-2659", "CVE-2018-2660", "CVE-2018-2661", "CVE-2018-2662", "CVE-2018-2663", "CVE-2018-2664", "CVE-2018-2665", "CVE-2018-2666", "CVE-2018-2667", "CVE-2018-2668", "CVE-2018-2669", "CVE-2018-2670", "CVE-2018-2671", "CVE-2018-2672", "CVE-2018-2673", "CVE-2018-2674", "CVE-2018-2675", "CVE-2018-2676", "CVE-2018-2677", "CVE-2018-2678", "CVE-2018-2679", "CVE-2018-2680", "CVE-2018-2681", "CVE-2018-2682", "CVE-2018-2683", "CVE-2018-2684", "CVE-2018-2685", "CVE-2018-2686", "CVE-2018-2687", "CVE-2018-2688", "CVE-2018-2689", "CVE-2018-2690", "CVE-2018-2691", "CVE-2018-2692", "CVE-2018-2693", "CVE-2018-2694", "CVE-2018-2695", "CVE-2018-2696", "CVE-2018-2697", "CVE-2018-2698", "CVE-2018-2699", "CVE-2018-2700", "CVE-2018-2701", "CVE-2018-2702", "CVE-2018-2703", "CVE-2018-2704", "CVE-2018-2705", "CVE-2018-2706", "CVE-2018-2707", "CVE-2018-2708", "CVE-2018-2709", "CVE-2018-2710", "CVE-2018-2711", "CVE-2018-2712", "CVE-2018-2713", "CVE-2018-2714", "CVE-2018-2715", "CVE-2018-2716", "CVE-2018-2717", "CVE-2018-2719", "CVE-2018-2720", "CVE-2018-2721", "CVE-2018-2722", "CVE-2018-2723", "CVE-2018-2724", "CVE-2018-2725", "CVE-2018-2726", "CVE-2018-2727", "CVE-2018-2728", "CVE-2018-2729", "CVE-2018-2730", "CVE-2018-2731", "CVE-2018-2732", "CVE-2018-2733"], "modified": "2018-03-20T00:00:00", "id": "ORACLE:CPUJAN2018", "href": "https://www.oracle.com/security-alerts/cpujan2018.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-06-08T18:46:14", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\nThe January 2018 Critical Patch Update provides fixes for certain Oracle products for the Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities. Please refer to this Advisory and the [Addendum to the January 2018 Critical Patch Update Advisory for Spectre and Meltdown](<https://support.oracle.com/rs?type=doc&id=2347948.1>) MOS note (Doc ID 2347948.1).\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 238 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ January 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2338411.1>).\n", "cvss3": {}, "published": "2018-01-16T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - January 2018", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2018-2654", "CVE-2018-2731", "CVE-2018-2691", "CVE-2018-2617", "CVE-2018-2618", "CVE-2018-2722", "CVE-2016-2518", "CVE-2018-2687", "CVE-2018-2653", "CVE-2018-2723", "CVE-2017-9798", "CVE-2018-2679", "CVE-2018-2560", "CVE-2018-2659", "CVE-2018-2565", "CVE-2018-2626", "CVE-2017-5753", "CVE-2018-2561", "CVE-2017-5754", "CVE-2018-2583", "CVE-2018-2661", "CVE-2018-2589", "CVE-2016-5385", "CVE-2018-2656", "CVE-2018-2620", "CVE-2018-2623", "CVE-2017-13079", "CVE-2018-2566", "CVE-2018-2625", "CVE-2018-2650", "CVE-2017-13080", "CVE-2016-6306", "CVE-2018-2733", "CVE-2018-2582", "CVE-2016-2183", "CVE-2018-2717", "CVE-2018-2681", "CVE-2018-2728", "CVE-2018-2708", "CVE-2018-2663", "CVE-2018-2606", "CVE-2018-2709", "CVE-2016-7977", "CVE-2016-2178", "CVE-2018-2672", "CVE-2018-2646", "CVE-2018-2578", "CVE-2016-9878", "CVE-2017-3735", "CVE-2017-10273", "CVE-2015-3195", "CVE-2018-2567", "CVE-2017-0781", "CVE-2018-2586", "CVE-2018-2624", "CVE-2018-2632", "CVE-2018-2570", "CVE-2018-2669", "CVE-2018-2707", "CVE-2018-2635", "CVE-2018-2716", "CVE-2016-6302", "CVE-2018-2633", "CVE-2017-13082", "CVE-2018-2644", "CVE-2018-2696", "CVE-2018-2562", "CVE-2018-2724", "CVE-2016-2177", "CVE-2018-2639", "CVE-2014-9402", "CVE-2018-2698", "CVE-2018-2726", "CVE-2018-2638", "CVE-2016-0635", "CVE-2016-2105", "CVE-2018-2693", "CVE-2018-2590", "CVE-2018-2732", "CVE-2018-2636", "CVE-2016-2107", "CVE-2016-7055", "CVE-2018-2727", "CVE-2018-2637", "CVE-2018-2649", "CVE-2015-7501", "CVE-2018-2706", "CVE-2018-2673", "CVE-2018-2677", "CVE-2015-3253", "CVE-2018-2605", "CVE-2017-3731", "CVE-2018-2703", "CVE-2018-2721", "CVE-2017-0785", "CVE-2017-3737", "CVE-2018-2692", "CVE-2018-2571", "CVE-2018-2607", "CVE-2017-9072", "CVE-2018-2690", "CVE-2018-2725", "CVE-2018-2609", "CVE-2018-2630", "CVE-2016-1182", "CVE-2018-2711", "CVE-2017-10301", "CVE-2018-2710", "CVE-2018-2604", "CVE-2018-2612", "CVE-2018-2600", "CVE-2017-13078", "CVE-2018-2664", "CVE-2016-2180", "CVE-2018-2676", "CVE-2015-2808", "CVE-2018-2619", "CVE-2018-2574", "CVE-2018-2581", "CVE-2018-2603", "CVE-2018-2682", "CVE-2017-5715", "CVE-2016-2109", "CVE-2018-2701", "CVE-2016-2181", "CVE-2018-2593", "CVE-2016-6304", "CVE-2016-4449", "CVE-2017-0783", "CVE-2014-0114", "CVE-2017-3732", "CVE-2018-2599", "CVE-2018-2643", "CVE-2018-2666", "CVE-2018-2688", "CVE-2015-0293", "CVE-2018-2662", "CVE-2018-2601", "CVE-2018-2667", "CVE-2018-2668", "CVE-2018-2729", "CVE-2017-10352", "CVE-2016-2550", "CVE-2018-2564", "CVE-2018-2610", "CVE-2018-2660", "CVE-2018-2577", "CVE-2018-2569", "CVE-2018-2658", "CVE-2016-7052", "CVE-2018-2640", "CVE-2018-2613", "CVE-2018-2596", "CVE-2018-2705", "CVE-2017-10282", "CVE-2007-6750", "CVE-2018-2714", "CVE-2018-2674", "CVE-2018-2730", "CVE-2018-2647", "CVE-2018-2584", "CVE-2018-2641", "CVE-2014-7817", "CVE-2017-5664", "CVE-2018-2629", "CVE-2018-2585", "CVE-2016-0800", "CVE-2018-2615", "CVE-2018-2685", "CVE-2018-2699", "CVE-2018-2597", "CVE-2018-2616", "CVE-2018-2697", "CVE-2016-1181", "CVE-2018-2621", "CVE-2018-2627", "CVE-2018-2720", "CVE-2017-10262", "CVE-2018-2588", "CVE-2013-2566", "CVE-2016-8735", "CVE-2018-2648", "CVE-2018-2594", "CVE-2017-3738", "CVE-2018-2634", "CVE-2018-2602", "CVE-2016-0704", "CVE-2016-6303", "CVE-2018-2670", "CVE-2016-5387", "CVE-2018-2591", "CVE-2017-13081", "CVE-2018-2645", "CVE-2018-2655", "CVE-2017-5645", "CVE-2016-2182", "CVE-2018-2651", "CVE-2018-2608", "CVE-2018-2592", "CVE-2018-2712", "CVE-2018-2665", "CVE-2018-2652", "CVE-2017-12617", "CVE-2018-2657", "CVE-2016-0703", "CVE-2018-2700", "CVE-2015-1472", "CVE-2017-5461", "CVE-2018-2675", "CVE-2018-2671", "CVE-2018-2575", "CVE-2018-2684", "CVE-2015-7940", "CVE-2018-2580", "CVE-2017-3736", "CVE-2018-2704", "CVE-2018-2642", "CVE-2017-13077", "CVE-2018-2702", "CVE-2018-2713", "CVE-2018-2678", "CVE-2018-2622", "CVE-2018-2573", "CVE-2018-2715", "CVE-2018-2595", "CVE-2018-2579", "CVE-2016-2179", "CVE-2017-10068", "CVE-2018-2568", "CVE-2016-2106", "CVE-2018-2576", "CVE-2016-6814", "CVE-2015-7547", "CVE-2018-2614", "CVE-2018-2686", "CVE-2018-2631", "CVE-2015-4852", "CVE-2018-2694", "CVE-2018-2689", "CVE-2018-2719", "CVE-2017-0782", "CVE-2018-2611", "CVE-2018-2683", "CVE-2018-2680", "CVE-2018-2695"], "modified": "2018-03-20T00:00:00", "id": "ORACLE:CPUJAN2018-3236628", "href": "https://www.oracle.com/security-alerts/cpujan2018.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}