Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2002-123.NASL
HistoryJul 06, 2004 - 12:00 a.m.

RHEL 2.1 : ghostscript (RHSA-2002:123)

2004-07-0600:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.7%

JSON

Updated packages are available for GNU Ghostscript, which fix a vulnerability found during PostScript interpretation.

Ghostscript is a program for displaying PostScript files or printing them to non-PostScript printers.

An untrusted PostScript file can cause ghostscript to execute arbitrary commands due to insufficient checking. Since GNU Ghostscript is often used during the course of printing a document (and is run as user ‘lp’), all users should install these fixed packages.

The problem is fixed in the 6.53 source release of GNU Ghostscript, and the fix has been backported and applied to the packages referenced by this advisory.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-0363 to this issue.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2002:123. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(12302);
  script_version("1.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2002-0363");
  script_xref(name:"RHSA", value:"2002:123");

  script_name(english:"RHEL 2.1 : ghostscript (RHSA-2002:123)");
  script_summary(english:"Checks the rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated packages are available for GNU Ghostscript, which fix a
vulnerability found during PostScript interpretation.

Ghostscript is a program for displaying PostScript files or printing
them to non-PostScript printers.

An untrusted PostScript file can cause ghostscript to execute
arbitrary commands due to insufficient checking. Since GNU Ghostscript
is often used during the course of printing a document (and is run as
user 'lp'), all users should install these fixed packages.

The problem is fixed in the 6.53 source release of GNU Ghostscript,
and the fix has been backported and applied to the packages referenced
by this advisory.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2002-0363 to this issue."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2002-0363"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2002:123"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected ghostscript package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ghostscript");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2002/05/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2002/08/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/06");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^2\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2002:123";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"ghostscript-6.51-16.2")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxghostscriptp-cpe:/a:redhat:enterprise_linux:ghostscript
redhatenterprise_linux2.1cpe:/o:redhat:enterprise_linux:2.1

Related

cve 1
nvd 1
cvelist 1
securityvulns 1
suse 1
cve
cve
CVE-2002-0363
2003-04-02 05:00:00
nvd
nvd
CVE-2002-0363
2002-05-29 04:00:00
cvelist
cvelist
CVE-2002-0363
2003-04-02 05:00:00
securityvulns
securityvulns
SuSE Security Announcement: Heartbeat &#40;SuSE-SA:2002:037&#41;
2002-10-15 00:00:00
suse
suse
remote root in heartbeat
2002-10-14 16:23:14

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.7%

JSON
Related for REDHAT-RHSA-2002-123.NASL
cve1nvd1cvelist1securityvulns1suse1