Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN164-1 : netpbm-free vulnerability Vulnerability Scan

Vulnerability Scan Summary
netpbm-free vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- libnetpbm10
- libnetpbm10-dev
- libnetpbm9
- libnetpbm9-dev
- netpbm

Description :

Max Vozeler discovered that the the "pstopnm" conversion tool did not
use the -dSAFER option when calling ghostscript. This option prohibits
file operations and calling commands within PostScript code. This flaw
could be exploited by a possible hacker to execute arbitrary code if he
tricked an user (or an automatic server) into processing a specially
crafted PostScript document with pstopnm.

Solution :

Upgrade to :
- libnetpbm10-10.0-8ubuntu0.1 (Ubuntu 5.04)
- libnetpbm10-dev-10.0-8ubuntu0.1 (Ubuntu 5.04)
- libnetpbm9-10.0-8ubuntu0.1 (Ubuntu 5.04)
- libnetpbm9-dev-10.0-8ubuntu0.1 (Ubuntu 5.04)
- netpbm-10.0-8ubuntu0.1 (Ubuntu 5.04)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.