CVE-2003-0204
CVSS7.5
发布时间 :2003-05-05 00:00:00
修订时间 :2016-10-17 22:30:36
NMCOS    

[原文]KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.


[CNNVD]KDE Postscript/PDF文件处理任意命令执行漏洞(CNNVD-200305-005)

        
        KDE使用Ghostscript软件处理PS和PDF文件。
        KDE在处理畸形PDF和PS文件时存在漏洞,远程攻击者可以利用这个漏洞可能以用户进程权限执行任意命令。
        攻击者可以准备恶意PostScript或PDF文件,构建恶意WEB页诱使用户点击或EMAIL发送给用户打开,可导致嵌入的命令以用户进程权限执行。目前没有提供详细漏洞细节。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/o:kde:kde:2.0
cpe:/o:kde:kde:2.1
cpe:/o:kde:kde:3.0
cpe:/o:kde:kde:2.2
cpe:/o:kde:kde:3.0.4
cpe:/o:kde:kde:3.1
cpe:/o:kde:kde:3.0.3
cpe:/o:kde:kde:2.1.2
cpe:/o:kde:kde:2.2.1
cpe:/o:kde:kde:2.1.1
cpe:/o:kde:kde:2.0.1
cpe:/o:kde:kde:3.0.3a
cpe:/o:kde:kde:2.2.2
cpe:/o:kde:kde:3.0.5a
cpe:/o:kde:kde:3.0.2
cpe:/o:kde:kde:3.1.1
cpe:/o:kde:kde:3.0.1
cpe:/o:kde:kde:3.0.5

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0204
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0204
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200305-005
(官方数据源) CNNVD

- 其它链接及资源

http://bugs.kde.org/show_bug.cgi?id=53343
(UNKNOWN)  CONFIRM  http://bugs.kde.org/show_bug.cgi?id=53343
http://bugs.kde.org/show_bug.cgi?id=56808
(UNKNOWN)  CONFIRM  http://bugs.kde.org/show_bug.cgi?id=56808
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000668
(UNKNOWN)  CONECTIVA  CLA-2003:668
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747
(UNKNOWN)  CONECTIVA  CLA-2003:747
http://marc.info/?l=bugtraq&m=105001557020141&w=2
(UNKNOWN)  BUGTRAQ  20030410 GLSA: kde-3.x (200304-04)
http://marc.info/?l=bugtraq&m=105012994719099&w=2
(UNKNOWN)  BUGTRAQ  20030411 GLSA: kde-2.x (200304-05)
http://marc.info/?l=bugtraq&m=105017403010459&w=2
(UNKNOWN)  BUGTRAQ  20030412 [Sorcerer-spells] KDE-SORCERER2003-04-12
http://marc.info/?l=bugtraq&m=105034222521369&w=2
(UNKNOWN)  BUGTRAQ  20030414 GLSA: kde-2.x (200304-05.1)
http://www.debian.org/security/2003/dsa-284
(VENDOR_ADVISORY)  DEBIAN  DSA-284
http://www.debian.org/security/2003/dsa-293
(UNKNOWN)  DEBIAN  DSA-293
http://www.debian.org/security/2003/dsa-296
(UNKNOWN)  DEBIAN  DSA-296
http://www.kde.org/info/security/advisory-20030409-1.txt
(VENDOR_ADVISORY)  CONFIRM  http://www.kde.org/info/security/advisory-20030409-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2003:049
(UNKNOWN)  MANDRAKE  MDKSA-2003:049
http://www.redhat.com/support/errata/RHSA-2003-002.html
(UNKNOWN)  REDHAT  RHSA-2003:002

- 漏洞信息

KDE Postscript/PDF文件处理任意命令执行漏洞
高危 其他
2003-05-05 00:00:00 2005-10-20 00:00:00
远程  
        
        KDE使用Ghostscript软件处理PS和PDF文件。
        KDE在处理畸形PDF和PS文件时存在漏洞,远程攻击者可以利用这个漏洞可能以用户进程权限执行任意命令。
        攻击者可以准备恶意PostScript或PDF文件,构建恶意WEB页诱使用户点击或EMAIL发送给用户打开,可导致嵌入的命令以用户进程权限执行。目前没有提供详细漏洞细节。
        

- 公告与补丁

        厂商补丁:
        Debian
        ------
        
        http://www.debian.org/security/2003/dsa-284

        KDE
        ---
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        KDE KDE 2.2.2:
        KDE Patch post-2.2.2-kdebase-thumbnail.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-2.2.2-kdebase-thumbnail.diff
        KDE Patch post-2.2.2-kdegraphics-kdvi.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-2.2.2-kdegraphics-kdvi.diff
        KDE Patch post-2.2.2-kdegraphics-kghostview-2.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-2.2.2-kdegraphics-kghostview-2.diff
        KDE Patch post-2.2.2-kdelibs-kimgio.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-2.2.2-kdelibs-kimgio.diff
        KDE KDE 3.0:
        KDE Upgrade KDE 3.0.5b
        
        http://download.kde.org/stable/3.0.5b/

        KDE KDE 3.0.1:
        KDE Upgrade KDE 3.0.5b
        
        http://download.kde.org/stable/3.0.5b/

        KDE KDE 3.0.2:
        KDE Upgrade KDE 3.0.5b
        
        http://download.kde.org/stable/3.0.5b/

        KDE KDE 3.0.3 a:
        KDE Upgrade KDE 3.0.5b
        
        http://download.kde.org/stable/3.0.5b/

        KDE KDE 3.0.3:
        KDE Upgrade KDE 3.0.5b
        
        http://download.kde.org/stable/3.0.5b/

        KDE KDE 3.0.4:
        KDE Upgrade KDE 3.0.5b
        
        http://download.kde.org/stable/3.0.5b/

        KDE KDE 3.0.5 a:
        KDE Patch post-3.0.5a-kdebase-thumbnail.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.0.5a-kdebase-thumbnail.diff
        KDE Patch post-3.0.5a-kdegraphics-kdvi.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.0.5a-kdegraphics-kdvi.diff
        KDE Patch post-3.0.5a-kdegraphics-kghostview.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.0.5a-kdegraphics-kghostview.diff
        KDE Patch post-3.0.5a-kdelibs-kimgio.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.0.5a-kdelibs-kimgio.diff
        KDE Upgrade KDE 3.0.5b
        
        http://download.kde.org/stable/3.0.5b/

        KDE KDE 3.1:
        KDE Upgrade KDE 3.1.1a
        
        http://download.kde.org/stable/3.1.1a/

        KDE KDE 3.1.1:
        KDE Patch post-3.1.1-kdebase-thumbnail.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.1.1-kdebase-thumbnail.diff
        KDE Patch post-3.1.1-kdegraphics-kdvi.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.1.1-kdegraphics-kdvi.diff
        KDE Patch post-3.1.1-kdegraphics-kghostview.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.1.1-kdegraphics-kghostview.diff
        KDE Patch post-3.1.1-kdelibs-kimgio.diff
        ftp://ftp.kde.org/pub/kde/security_patches/post-3.1.1-kdelibs-kimgio.diff
        KDE Upgrade KDE 3.1.1a
        
        http://download.kde.org/stable/3.1.1a/

        MandrakeSoft
        ------------
        MandrakeSoft已经为此发布了一个安全公告(MDKSA-2003:049)以及相应补丁:
        MDKSA-2003:049:Updated kde3 packages fix arbitrary command execution
        链接:
        http://www.linux-mandrake.com/en/security/2003/2003-049.php

        补丁下载:
        Updated Packages:
        Corporate Server 2.1:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/kdebase-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/kdebase-devel-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/kdebase-nsplugins-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/kdelibs-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/kdelibs-devel-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/kdegraphics-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/kdegraphics-devel-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/kdebase-3.0.5a-1.2mdk.src.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/kdelibs-3.0.5a-1.2mdk.src.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/kdegraphics-3.0.5a-1.2mdk.src.rpm
        Mandrake Linux 9.0:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kdebase-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kdebase-devel-3.0.5a-1.2mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kdebase-nsplugins-3.0.5a-1.2mdk.i586.rpm
        

- 漏洞信息

13001
KDE kghostview Ghostscript Viewer Missing Argument Arbitrary Command Execution

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-04-09 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

KDE Postscript/PDF File Processing Arbitrary Command Execution Vulnerability
Failure to Handle Exceptional Conditions 7318
Yes No
2003-04-10 12:00:00 2009-07-11 09:06:00
This vulnerability was reported by the KDE team.

- 受影响的程序版本

KDE KDE 3.1.1
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 8.2
+ S.u.S.E. Linux Personal 8.2
KDE KDE 3.1
+ RedHat Linux 9.0 i386
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.1
KDE KDE 3.0.5 b
KDE KDE 3.0.5 a
+ RedHat Linux 8.0 i386
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3 i386
KDE KDE 3.0.5
+ Conectiva Linux 8.0
KDE KDE 3.0.4
+ Conectiva Linux 8.0
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
+ Gentoo Linux 1.2
KDE KDE 3.0.3 a
KDE KDE 3.0.3
+ Conectiva Linux 8.0
+ Conectiva Linux 8.0
+ Conectiva Linux Enterprise Edition 1.0
+ FreeBSD FreeBSD 4.7 -STABLE
+ FreeBSD FreeBSD 4.7 -STABLE
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 9.0
KDE KDE 3.0.2
+ Mandriva Linux Mandrake 8.2
KDE KDE 3.0.1
KDE KDE 3.0
+ Conectiva Linux 8.0
KDE KDE 2.2.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 3.0
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux Advanced Work Station 2.1
+ Sun Linux 5.0.7
+ Sun Linux 5.0.7
+ Sun Linux 5.0.6
+ Sun Linux 5.0.6
+ Sun Linux 5.0.5
+ Sun Linux 5.0.5
KDE KDE 2.2.1
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Caldera OpenLinux Workstation 3.1
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
KDE KDE 2.2
KDE KDE 2.1.2
+ Conectiva Linux 7.0
KDE KDE 2.1.1
KDE KDE 2.1
KDE KDE 2.0.1
+ Conectiva Linux 6.0
KDE KDE 2.0
KDE KDE 3.1.1 a
KDE KDE 3.0.5 b

- 不受影响的程序版本

KDE KDE 3.1.1 a
KDE KDE 3.0.5 b

- 漏洞讨论

A problem with KDE could lead to arbitrary command execution.

The vulnerability exists when KDE attempts to process specially formatted PDF and PS (postscript) files. Exploitation of this vulnerability will result in the execution of shell commands on the vulnerable system.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Red Hat has released a security advisory (RHSA-2003:002-01), which addresses the issue. Please see the attached advisory for details on obtaining fixes.

Red Hat has also released an advisory and fixes for Red Hat Enterprise Linux. Fixes for Enterprise Linux may be obtained through the Red Hat Network.

KDE 3.0.5b and 3.1.1a are not vulnerable to this issue.

Mandrake Linux has released an advisory (MDKSA-2003:049) and fixes. Information about obtaining and applying fixes are available in the referenced advisory.

Gentoo Linux has released an updated advisory (200304-05.1) for kde 2.x systems. Affected users are advised to upgrade systems by issuing the following commands:

emerge sync
emerge \=kde-base/kdebase-2.2.2-r5
emerge \=kde-base/kdelibs-2.2.2a-r2
emerge \=kde-base/kdegraphics-2.2.2-r2
emerge clean

Gentoo Linux has released an advisory. Users who have installed kde-base/kde are advised to upgrade to kde-3.1.1a or kde-3.0.5b by issuing the following commands:

emerge sync
emerge kde OR \=kde-base/kde-3.0.5b
emerge clean

Gentoo Linux has released a new advisory (200304-05) for kde 2.x systems. Affected users are advised to upgrade systems by issuing the following commands:

emerge sync
emerge \=kde-base/kdebase-2.2.2-r5
emerge \=kde-base/kdelibs-2.2.2a-r1
emerge \=kde-base/kdegraphics-2.2.2-r2
emerge clean

Debian has released an advisory DSA 284-1. Information about obtaining and applying fixes are available in the referenced advisory. Users of the apt-get system can upgrade their systems by issuing the following commands:

apt-get update
apt-get upgrade

Sorcerer Linux has released an advisory. Affected users are advised to issue the following commands to upgrade their systems:

augur synch && augur newer && augur update

Gentoo Linux has released a new advisory for kde 3.1.1a systems. It is recommended that all Gentoo Linux users who are running kde-base/kdegraphics upgrade to kdegraphics-3.1.1a-r1 as follows:

emerge sync
emerge kdegraphics
emerge clean

Slackware Linux has released an advisory. Users of KDE are advised to upgrade systems to KDE 3.1.1a by issuing the following commands as the root user:

upgradepkg *.tgz

Debian has released a security advisory (DSA 293-1) which contains fixes addressing this issue. Further information regarding how to obtain and apply fixes can be found in the attached advisory.

SuSE has released an advisory SuSE-SA:2003:026. SuSE has advised affected users to update systems using YaST2. Further information is available in the referenced advisory.

Debian has released a new security advisory (DSA 296-1). Information about obtaining and applying fixes can be found in the referenced advisory. Users of the apt-get system are advised to issue the following commands to update affected systems:

apt-get update
apt-get upgrade

Sun has released updates for Sun Linux 5.0.5.

Conectiva has released an advisory (CLA-2003:668) to address this issue. Please see the attached advisory for details on obtaining and applying fixes manually. Users can also upgrade using the following apt commands:

apt-get update
apt-get upgrade

Conectiva has released an advisory CLA-2003:747, including fixes to address this and other issues.

SUSE has released an advisory SuSE-SA:2004:009 with additional fixes to address this and other issues. Please see the advisory for more information.

Fixes available:


KDE KDE 2.2.2

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站