Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN164-1 : netpbm-free vulnerability Vulnerability Scan


Vulnerability Scan Summary
netpbm-free vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- libnetpbm10
- libnetpbm10-dev
- libnetpbm9
- libnetpbm9-dev
- netpbm


Description :

Max Vozeler discovered that the the "pstopnm" conversion tool did not
use the -dSAFER option when calling ghostscript. This option prohibits
file operations and calling commands within PostScript code. This flaw
could be exploited by a possible hacker to execute arbitrary code if he
tricked an user (or an automatic server) into processing a specially
crafted PostScript document with pstopnm.

Solution :

Upgrade to :
- libnetpbm10-10.0-8ubuntu0.1 (Ubuntu 5.04)
- libnetpbm10-dev-10.0-8ubuntu0.1 (Ubuntu 5.04)
- libnetpbm9-10.0-8ubuntu0.1 (Ubuntu 5.04)
- libnetpbm9-dev-10.0-8ubuntu0.1 (Ubuntu 5.04)
- netpbm-10.0-8ubuntu0.1 (Ubuntu 5.04)



Threat Level: High


Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.