Family: Debian Local Security Checks --> Category: infos
[DSA1021] DSA-1021-1 netpbm-free Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Max Vozeler from the Debian Audit Project discovered that pstopnm, a
converter from Postscript to the PBM, PGM and PNM formats, launches
Ghostscript in an insecure manner, which might lead to the execution
of arbitrary shell commands, when converting specially crafted Postscript
For the old stable distribution (woody) this problem has been fixed in
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your netpbm package.
Solution : http://www.debian.org/security/2006/dsa-1021
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.