 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.882976 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for ghostscript CESA-2018:3650 centos7 |
| Zusammenfassung: | The remote host is missing an update for the 'ghostscript'; package(s) announced via the CESA-2018:3650 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'ghostscript' package(s) announced via the CESA-2018:3650 advisory. Vulnerability Insight: The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: .tempfile file permission issues (699657) (CVE-2018-15908) * ghostscript: shading_param incomplete type checking (699660) (CVE-2018-15909) * ghostscript: missing type check in type checker (699659) (CVE-2018-16511) * ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) (CVE-2018-16539) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Tavis Ormandy (Google Project Zero) for reporting CVE-2018-15908. Affected Software/OS: ghostscript on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-15908 Debian Security Information: DSA-4288 (Google Search) https://www.debian.org/security/2018/dsa-4288 https://security.gentoo.org/glsa/201811-12 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0d3901189f245232f0161addf215d7268c4d05a3 https://www.kb.cert.org/vuls/id/332928 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html RedHat Security Advisories: RHSA-2018:3650 https://access.redhat.com/errata/RHSA-2018:3650 https://usn.ubuntu.com/3768-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-15909 BugTraq ID: 105178 http://www.securityfocus.com/bid/105178 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0b6cd1918e1ec4ffd087400a754a845180a4522b http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e01e77a36cbb2e0277bc3a63852244bec41be0f6 Common Vulnerability Exposure (CVE) ID: CVE-2018-16511 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0edd3d6c634a577db261615a9dc2719bca7f6e01 http://seclists.org/oss-sec/2018/q3/182 https://bugs.ghostscript.com/show_bug.cgi?id=699659 https://www.artifex.com/news/ghostscript-security-resolved/ Common Vulnerability Exposure (CVE) ID: CVE-2018-16539 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a054156d425b4dbdaaa9fda4b5f1182b27598c2b https://bugs.ghostscript.com/show_bug.cgi?id=699658 |
| Copyright | Copyright (C) 2018 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |