EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2829)

🗓️ 08 Nov 2024 00:00:00Reported by TenableType

EulerOS 2.0 SP9 affected by ghostscript vulnerabilities prior to version 10.03.0 (CVE-2024-29508).

Reporter	Title	Published	Views	Family All 90
Tenable Nessus	Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2024-692)	6 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : ghostscript (ALAS-2024-2614)	17 Aug 202400:00	–	nessus
Tenable Nessus	Debian dla-3931 : ghostscript - security update	22 Oct 202400:00	–	nessus
Tenable Nessus	Debian dsa-5760 : ghostscript - security update	29 Aug 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2812)	8 Nov 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-2886)	8 Nov 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-2905)	8 Nov 202400:00	–	nessus
Tenable Nessus	Fedora 40 : ghostscript (2024-053b8330a1)	23 Jul 202400:00	–	nessus
Tenable Nessus	Fedora 39 : ghostscript (2024-52192927d8)	24 Jul 202400:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : ghostscript (SUSE-SU-2024:2547-1)	22 Jul 202400:00	–	nessus

Source	Link
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(210700);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/11/15");

  script_cve_id("CVE-2024-29508");
  script_xref(name:"IAVB", value:"2024-B-0074-S");

  script_name(english:"EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2829)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected
by the following vulnerabilities :

    Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed
    BaseFont name) in the function pdf_base_font_alloc.(CVE-2024-29508)

Tenable has extracted the preceding description block directly from the EulerOS ghostscript security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2024-2829
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?75380613");
  script_set_attribute(attribute:"solution", value:
"Update the affected ghostscript packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-29508");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/06/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/11/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/11/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ghostscript");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ghostscript-help");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");

var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(9)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");

if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "x86" >!< cpu) audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

var flag = 0;

var pkgs = [
  "ghostscript-9.52-1.h12.eulerosv2r9",
  "ghostscript-help-9.52-1.h12.eulerosv2r9"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"9", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_NOTE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript");
}

15 Nov 2024 00:00Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.13.3

EPSS0.00047

SSVC