|
|
Family: Debian Local Security Checks --> Category: infos
[DSA286] DSA-286-1 gs-common Vulnerability Scan
Vulnerability Scan Summary
DSA-286-1 gs-common
Detailed Explanation for this Vulnerability Test
Paul Szabo discovered insecure creation of a temporary file in
ps2epsi, a script that is distributed as part of gs-common which
contains common files for different Ghostscript releases. ps2epsi uses
a temporary file in the process of invoking ghostscript. This file
was created in an insecure fashion, which could allow a local attacker
to overwrite files owned by a user who invokes ps2epsi.
For the stable distribution (woody) this problem has been fixed in
version 0.3.3.0woody1.
The old stable distribution (potato) is not affected by this problem.
For the unstable distribution (sid) this problem has been fixed in
version 0.3.3.1.
We recommend that you upgrade your gs-common package.
Solution : http://www.debian.org/security/2003/dsa-286
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
