Vulners
Lucene search
GLSA-200410-18 : Ghostscript: Insecure temporary file use in multiple scripts
| Reporter | Title | Published | Views | Family All 21 |
|---|---|---|---|---|
 | ghostscript -- insecure temporary file creation vulnerability | 19 Oct 200400:00 | – | freebsd |
 | CentOS 3 : ghostscript (CESA-2005:081) | 3 Jul 200600:00 | – | nessus |
| FreeBSD : ghostscript -- insecure temporary file creation vulnerability (27a70a01-5f6c-11da-8d54-000cf18bbe54) | 13 May 200600:00 | – | nessus |
| RHEL 3 : ghostscript (RHSA-2005:081) | 5 Oct 200500:00 | – | nessus |
| Ubuntu 4.10 : GhostScript utility script vulnerabilities (USN-3-1) | 15 Jan 200600:00 | – | nessus |
 | ghostscript, hpijs security update | 28 Sep 200515:55 | – | centos |
 | CVE-2004-0967 | 20 Oct 200404:00 | – | cve |
 | CVE-2004-0967 | 20 Oct 200404:00 | – | cvelist |
 | EUVD-2004-0965 | 7 Oct 202500:30 | – | euvd |
 | Ghostscript: Insecure temporary file use in multiple scripts | 20 Oct 200400:00 | – | gentoo |
10
| Source | Link |
|---|---|
| security | www.security.gentoo.org/glsa/200410-18 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200410-18.
#
# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(15527);
script_version("1.18");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2004-0967");
script_xref(name:"GLSA", value:"200410-18");
script_name(english:"GLSA-200410-18 : Ghostscript: Insecure temporary file use in multiple scripts");
script_summary(english:"Checks for updated package(s) in /var/db/pkg");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Gentoo host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"The remote host is affected by the vulnerability described in GLSA-200410-18
(Ghostscript: Insecure temporary file use in multiple scripts)
The pj-gs.sh, ps2epsi, pv.sh and sysvlp.sh scripts create temporary files
in world-writeable directories with predictable names.
Impact :
A local attacker could create symbolic links in the temporary files
directory, pointing to a valid file somewhere on the filesystem. When an
affected script is called, this would result in the file to be overwritten
with the rights of the user running the script, which could be the root
user.
Workaround :
There is no known workaround at this time."
);
script_set_attribute(
attribute:"see_also",
value:"https://security.gentoo.org/glsa/200410-18"
);
script_set_attribute(
attribute:"solution",
value:
"Ghostscript users on all architectures except PPC should upgrade to the
latest version:
# emerge sync
# emerge -pv '>=app-text/ghostscript-esp-7.07.1-r7'
# emerge '>=app-text/ghostscript-esp-7.07.1-r7'
Ghostscript users on the PPC architecture should upgrade to the latest
stable version on their architecture:
# emerge sync
# emerge -pv '>=app-text/ghostscript-esp-7.05.6-r2'
# emerge '>=app-text/ghostscript-esp-7.05.6-r2'"
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ghostscript-esp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2004/10/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/10/21");
script_set_attribute(attribute:"vuln_publication_date", value:"2004/09/30");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Gentoo Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (qpkg_check(package:"app-text/ghostscript-esp", unaffected:make_list("ge 7.07.1-r7", "rge 7.05.6-r2"), vulnerable:make_list("lt 7.07.1-r7"))) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = qpkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Ghostscript");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Jan 2021 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS 27.2
EPSS0.00032