Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-3970-1.NASL
HistoryMay 09, 2019 - 12:00 a.m.

Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : ghostscript vulnerability (USN-3970-1)

2019-05-0900:00:00
Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3970-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(124717);
  script_version("1.4");
  script_cvs_date("Date: 2020/01/21");

  script_cve_id("CVE-2019-3839");
  script_xref(name:"USN", value:"3970-1");

  script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : ghostscript vulnerability (USN-3970-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that Ghostscript incorrectly handled certain
PostScript files. If a user or automated system were tricked into
processing a specially crafted file, a remote attacker could possibly
use this issue to access arbitrary files, execute arbitrary code, or
cause a denial of service.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/3970-1/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected ghostscript and / or libgs9 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ghostscript");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgs9");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.04");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/09");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(16\.04|18\.04|18\.10|19\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 18.10 / 19.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"16.04", pkgname:"ghostscript", pkgver:"9.26~dfsg+0-0ubuntu0.16.04.9")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"libgs9", pkgver:"9.26~dfsg+0-0ubuntu0.16.04.9")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"ghostscript", pkgver:"9.26~dfsg+0-0ubuntu0.18.04.9")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"libgs9", pkgver:"9.26~dfsg+0-0ubuntu0.18.04.9")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"ghostscript", pkgver:"9.26~dfsg+0-0ubuntu0.18.10.9")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"libgs9", pkgver:"9.26~dfsg+0-0ubuntu0.18.10.9")) flag++;
if (ubuntu_check(osver:"19.04", pkgname:"ghostscript", pkgver:"9.26~dfsg+0-0ubuntu7.1")) flag++;
if (ubuntu_check(osver:"19.04", pkgname:"libgs9", pkgver:"9.26~dfsg+0-0ubuntu7.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript / libgs9");
}
VendorProductVersionCPE
canonicalubuntu_linuxghostscriptp-cpe:/a:canonical:ubuntu_linux:ghostscript
canonicalubuntu_linuxlibgs9p-cpe:/a:canonical:ubuntu_linux:libgs9
canonicalubuntu_linux16.04cpe:/o:canonical:ubuntu_linux:16.04
canonicalubuntu_linux18.04cpe:/o:canonical:ubuntu_linux:18.04:-:lts
canonicalubuntu_linux18.10cpe:/o:canonical:ubuntu_linux:18.10
canonicalubuntu_linux19.04cpe:/o:canonical:ubuntu_linux:19.04

Related

nessus 37
osv 4
openvas 22
debian 4
ubuntu 1
veracode 2
cvelist 2
oraclelinux 3
prion 2
debiancve 2
mageia 1
amazon 2
cve 2
centos 1
ubuntucve 2
redhatcve 2
redhat 2
fedora 3
suse 2
nessus
nessus
Oracle Linux 7 : ghostscript (ELSA-2019-1017)
2019-05-15 00:00:00
Debian DSA-4442-1 : ghostscript - security update
2019-05-13 00:00:00
EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-1576)
2019-05-29 00:00:00
osv
osv
ghostscript - security update
2019-05-12 00:00:00
ghostscript - security update
2019-05-19 00:00:00
CVE-2019-3839
2019-05-16 19:29:05
openvas
openvas
Debian: Security Advisory (DLA-1792-1)
2019-05-20 00:00:00
Ubuntu: Security Advisory (USN-3970-1)
2019-05-09 00:00:00
Debian: Security Advisory (DSA-4442-1)
2019-05-13 00:00:00
debian
debian
[SECURITY] [DLA 1792-1] ghostscript security update
2019-05-19 17:09:52
[SECURITY] [DSA 4442-1] ghostscript security update
2019-05-12 20:15:23
[SECURITY] [DSA 4442-1] ghostscript security update
2019-05-12 20:15:06
ubuntu
ubuntu
Ghostscript vulnerability
2019-05-08 00:00:00
veracode
veracode
Authorization Bypass
2022-05-08 09:05:37
Authorization Bypass
2019-05-16 03:39:14
cvelist
cvelist
CVE-2019-25059
2022-04-25 03:29:14
CVE-2019-3839
2019-05-16 18:31:08
oraclelinux
oraclelinux
ghostscript security update
2019-05-07 00:00:00
ghostscript security update
2019-07-30 00:00:00
ghostscript security, bug fix, and enhancement update
2019-08-13 00:00:00
prion
prion
Code injection
2022-04-25 04:15:00
Design/Logic Flaw
2019-05-16 19:29:00
debiancve
debiancve
CVE-2019-25059
2022-04-25 04:15:00
CVE-2019-3839
2019-05-16 19:29:00
mageia
mageia
Updated ghostscript packages fix security vulnerability
2019-06-10 22:17:03
amazon
amazon
Low: ghostscript
2023-03-17 16:35:00
Important: ghostscript
2021-02-17 00:58:00
cve
cve
CVE-2019-3839
2019-05-16 19:29:00
CVE-2019-25059
2022-04-25 04:15:00
centos
centos
ghostscript security update
2019-05-13 15:09:20
ubuntucve
ubuntucve
CVE-2019-3839
2019-05-06 00:00:00
CVE-2019-25059
2022-04-25 00:00:00
redhatcve
redhatcve
CVE-2019-25059
2022-04-25 13:22:57
CVE-2019-3839
2019-05-02 14:42:25
redhat
redhat
(RHSA-2019:1017) Important: ghostscript security update
2019-05-07 15:56:03
(RHSA-2019:0971) Important: ghostscript security update
2019-05-07 03:38:38
fedora
fedora
[SECURITY] Fedora 31 Update: ghostscript-9.27-1.fc31
2019-09-22 01:23:29
[SECURITY] Fedora 30 Update: ghostscript-9.27-1.fc30
2019-09-25 01:09:18
[SECURITY] Fedora 29 Update: ghostscript-9.27-1.fc29
2019-09-28 01:56:58
suse
suse
Security update for ghostscript (important)
2019-09-30 00:00:00
Security update for ghostscript (important)
2019-09-30 00:00:00
JSON
Related for UBUNTU_USN-3970-1.NASL
nessus37osv4openvas22debian4ubuntu1veracode2cvelist2oraclelinux3prion2debiancve2mageia1amazon2cve2centos1ubuntucve2redhatcve2redhat2fedora3suse2