|
Family: Ubuntu Local Security Checks --> Category: infos
USN3-1 : GhostScript utility script vulnerabilities Vulnerability Scan
Vulnerability Scan Summary GhostScript utility script vulnerabilities
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote package "gs-common" is missing a security patch.
Description :
Recently, Trustix Secure Linux discovered some vulnerabilities in the
gs-common package. The utilities "pv.sh" and "ps2epsi" created
temporary files in an insecure way, which allowed a symlink attack to
create or overwrite arbitrary files with the rights of the user
invoking the program.
Solution :
Upgrade to :
- gs-common-0.3.6ubuntu1.1 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|