CVE-2005-2471
CVSS 7.5
Published: 2005-08-05 00:00:00
Revised: 2010-11-30 00:00:00

[Original text] pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.


[CNNVD] NetPBM PSToPNM arbitrary code execution vulnerability (CNNVD-200508-059)

        When calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, pstopnm in netpbm does not properly use the "-dSAFER" option. This allows external user-assisted attackers to execute arbitrary commands.

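- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: PARTIAL [may allow system files to be modified]
Availability impact: PARTIAL [may cause degraded performance or interrupted access to resources]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (affected platforms and products)

Product and version information (CPE) is not yet available

- OVAL (technical details for detection)

oval:org.mitre.oval:def:11645
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, ...
*OVAL describes in detail how to detect this vulnerability; more technical details for detecting it can be found in the related OVAL definitions.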

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2471
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2471
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-059
(official data source) CNNVD

- Other links and resources

http://xforce.iss.net/xforce/xfdb/21500
(UNKNOWN)  XF  netpbm-dsafer-command-execution(21500)
http://www.trustix.org/errata/2005/0038/
(VENDOR_ADVISORY)  TRUSTIX  2005-0038
http://www.securityfocus.com/bid/14379
(UNKNOWN)  BID  14379
http://www.redhat.com/support/errata/RHSA-2005-743.html
(UNKNOWN)  REDHAT  RHSA-2005:743
http://www.osvdb.org/18253
(UNKNOWN)  OSVDB  18253
http://www.novell.com/linux/security/advisories/2005_19_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:019
http://www.debian.org/security/2006/dsa-1021
(UNKNOWN)  DEBIAN  DSA-1021
http://securitytracker.com/id?1014752
(UNKNOWN)  SECTRACK  1014752
http://secunia.com/advisories/19436
(VENDOR_ADVISORY)  SECUNIA  19436
http://secunia.com/advisories/18330
(VENDOR_ADVISORY)  SECUNIA  18330
http://secunia.com/advisories/16184
(VENDOR_ADVISORY)  SECUNIA  16184
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757
(UNKNOWN)  MISC  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757

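- Vulnerability information

NetPBM PSToPNM arbitrary code execution vulnerability
High risk  Design error
2005-08-05 00:00:00 2006-08-28 00:00:00
Remote
        When calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, pstopnm in netpbm does not properly use the "-dSAFER" option. This allows external user-assisted attackers to execute arbitrary commands.

- Advisories and patches

        The vendor has released an upgrade patch to fix this security issue. Patch download links: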

- Vulnerability information (F45089)

Debian Linux Security Advisory 1021-1 (PacketStormID:F45089)
2006-04-01 00:00:00
Debian  debian.org
advisory,arbitrary,shell
linux,debian
CVE-2005-2471

Debian Security Advisory DSA 1021-1 - Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files.

--------------------------------------------------------------------------
Debian Security Advisory DSA 1021-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
March 28th, 2006                        http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : netpbm-free
Vulnerability  : insecure program execution
Problem-Type   : local(remote)
Debian-specific: no
CVE ID         : CVE-2005-2471
Debian Bug     : 319757

Max Vozeler from the Debian Audit Project discovered that pstopnm, a
converter from Postscript to the PBM, PGM and PNM formats, launches
Ghostscript in an insecure manner, which might lead to the execution
of arbitrary shell commands, when converting specially crafted Postscript
files.

For the old stable distribution (woody) this problem has been fixed in
version 9.20-8.6.

For the stable distribution (sarge) this problem has been fixed in
version 10.0-8sarge3.

For the unstable distribution (sid) this problem has been fixed in
version 10.0-9.

We recommend that you upgrade your netpbm package.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- Vulnerability information (F39231)

Ubuntu Security Notice 164-1 (PacketStormID:F39231)
2005-08-12 00:00:00
Ubuntu  ubuntu.com
advisory,arbitrary
linux,ubuntu
CVE-2005-2471

Ubuntu Security Notice USN-164-1 - Max Vozeler discovered that the pstopnm conversion tool did not use the -dSAFER option when calling ghostscript. This option prohibits file operations and calling commands within PostScript code. This flaw could be exploited by an attacker to execute arbitrary code if he tricked a user (or an automatic server) into processing a specially crafted PostScript document with pstopnm.

===========================================================
Ubuntu Security Notice USN-164-1	    August 11, 2005
netpbm-free vulnerability
CAN-2005-2471
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

netpbm

The problem can be corrected by upgrading the affected package to
version 2:10.0-5ubuntu0.1 (for Ubuntu 4.10), or 2:10.0-8ubuntu0.1 (for
Ubuntu 5.04).  In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

Max Vozeler discovered that the "pstopnm" conversion tool did not
use the -dSAFER option when calling ghostscript. This option prohibits
file operations and calling commands within PostScript code. This flaw
could be exploited by an attacker to execute arbitrary code if he
tricked a user (or an automatic server) into processing a specially
crafted PostScript document with pstopnm.

Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-5ubuntu0.1.diff.gz
      Size/MD5:    43550 594a1da9339c54d05e36106f0b1c85e0
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-5ubuntu0.1.dsc
      Size/MD5:      760 1a5edc03ebc6b8ff8076a4a0079f6674
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0.orig.tar.gz
      Size/MD5:  1926538 985e9f6d531ac0b2004f5cbebdeea87d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-5ubuntu0.1_amd64.deb
      Size/MD5:   117696 81a4435f3d2338e5177eb2f83de5883a
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-5ubuntu0.1_amd64.deb
      Size/MD5:    68430 7d1534c040af6b2dfb2f076f21e11294
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-5ubuntu0.1_amd64.deb
      Size/MD5:   118092 6e3f69a316a5fab8057bafc5f6f91829
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-5ubuntu0.1_amd64.deb
      Size/MD5:    76756 13a2c07cfa7aef8c6c4d31989715ff06
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-5ubuntu0.1_amd64.deb
      Size/MD5:  1276426 41ff60e1f2a073be1f11bf37c6e9ffb6

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-5ubuntu0.1_i386.deb
      Size/MD5:   108612 4a01122b8ff53ae7f81a8782add80bc7
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-5ubuntu0.1_i386.deb
      Size/MD5:    63306 5f85f06109a2139deb853b137318f997
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-5ubuntu0.1_i386.deb
      Size/MD5:   108748 5d77a22114f9aefc1903a612d5854275
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-5ubuntu0.1_i386.deb
      Size/MD5:    70416 0d1eff935dcaadf7eb29c0378c2e5639
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-5ubuntu0.1_i386.deb
      Size/MD5:  1182336 1e715dfc30cc3beec31bfce99cbe8a79

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-5ubuntu0.1_powerpc.deb
      Size/MD5:   123390 155ee0575e849690a7cd4219ed6cb509
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-5ubuntu0.1_powerpc.deb
      Size/MD5:    70782 4eb27ff658d8e5b49d6376d824442b40
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-5ubuntu0.1_powerpc.deb
      Size/MD5:   123664 9b0ef06fab45b9edc2e2b59ad4cb2a7e
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-5ubuntu0.1_powerpc.deb
      Size/MD5:    82816 525e99e624fff10f0c34ec5785a68c4f
    http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-5ubuntu0.1_powerpc.deb
      Size/MD5:  1521674 0e708e0d77ca3093af9c90cc2b7f89ec

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):


- Vulnerability information

18253
Netpbm pstopnm Arbitrary Postscript Code Execution
Loss of Integrity
Vendor Verified

- Vulnerability description

Unknown or Incomplete

- Timeline

2005-07-24 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Title: NetPBM PSToPNM Arbitrary Code Execution Vulnerability
Class: Design Error
Bugtraq ID: 14379
Remote: Yes
Local: No
Published: 2005-07-25 12:00:00
Updated: 2007-01-02 10:21:00
Credit: Max Vozeler <xam@debian.org> reported this issue.

- Affected program versions

Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Turbolinux 10 F...
TurboLinux Personal
TurboLinux Multimedia
Turbolinux Home
Trustix Secure Linux 2.2
Trustix Secure Linux 2.1
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 7
+ Linux kernel 2.4.19
SGI ProPack 3.0 SP6
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Professional 7.3
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
pstotext pstotext 1.9
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Netpbm Netpbm 10.27
Netpbm Netpbm 10.26
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
Netpbm Netpbm 10.25
Netpbm Netpbm 10.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Conectiva Linux 10.0

- Vulnerability discussion

The 'pstopnm' command is susceptible to an arbitrary command-execution vulnerability. This issue is due to the program's failure to ensure that GhostScript is executed in a secure manner.

This issue allows attackers to create malicious PostScript files that allow arbitrary commands to be executed when the affected utility parses the files. This occurs in the context of the user running the affected utility.

This vulnerability was reported in version 10.0 of netpbm. Other versions may also be affected.
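Added example (not part of the original advisory and not netpbm's own code): a Python check that audits a Ghostscript command line, such as the one a converter like pstopnm builds, and reports whether -dSAFER takes effect before any PostScript is interpreted. It goes slightly beyond the text by also checking switch order; the binary names and the sample command lines are constructed assumptions.

```python
import os
import shlex

GS_NAMES = {"gs", "ghostscript"}            # assumed Ghostscript binary names
SAFE_ON = {"-dSAFER", "-dPARANOIDSAFER"}    # switches that enable the sandbox
SAFE_OFF = {"-dNOSAFER", "-dDELAYSAFER"}    # switches that disable or defer it

def audit_gs(cmdline):
    """Return None for non-Ghostscript commands, else (verdict, reason).

    Ghostscript switches apply only to the files that follow them, so
    SAFER must be set before the first input operand or -c code block.
    Applies to builds where SAFER is not the default (it became the
    default in Ghostscript 9.50).
    """
    argv = shlex.split(cmdline)
    if not argv or os.path.basename(argv[0]) not in GS_NAMES:
        return None
    safer = False
    for arg in argv[1:]:
        if arg in SAFE_ON:
            safer = True
        elif arg in SAFE_OFF:
            return ("UNSAFE", f"{arg} disables or defers SAFER")
        elif arg == "-c" and not safer:
            return ("UNSAFE", "-c PostScript runs before SAFER is set")
        elif (arg == "-" or not arg.startswith("-")) and not safer:
            return ("UNSAFE", f"input {arg!r} is interpreted before SAFER is set")
    if not safer:
        return ("UNSAFE", "SAFER is never set")
    return ("OK", "SAFER is set before every input")

# Constructed sample command lines (not taken from netpbm or from any log).
SAMPLES = [
    "gs -q -dNOPAUSE -dBATCH -sDEVICE=pnmraw -sOutputFile=out.pnm in.ps",
    "gs -q -dNOPAUSE -dBATCH -dSAFER -sDEVICE=pnmraw -sOutputFile=out.pnm in.ps",
    "/usr/bin/gs -sDEVICE=pnmraw -sOutputFile=out.pnm in.ps -dSAFER",
    "pnmtopng in.pnm",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(audit_gs(line), "<-", line)
```

The same function can be run over process-execution records (for example, auditd or EDR command lines) to find converters that still launch Ghostscript without the sandbox.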

- Exploit

An exploit is not required.

- Solution

Please see the references for more information and fixes.


Conectiva Linux 10.0

Netpbm Netpbm 10.0

SGI ProPack 3.0 SP6

- Related references
