Home page logo
/

bugtraq logo Bugtraq mailing list archives

Security Update: [CSSA-2002-026.0] Linux: ghostscript arbitrary command execution
From: security () caldera com
Date: Tue, 11 Jun 2002 18:16:26 -0700

To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com


______________________________________________________________________________

                Caldera International, Inc.  Security Advisory

Subject:                Linux: ghostscript arbitrary command execution
Advisory number:        CSSA-2002-026.0
Issue date:             2002 June 11
Cross reference:
______________________________________________________________________________


1. Problem Description

        An untrusted PostScript file that uses .locksafe or .setsafe to
        reset the current page device can force the ghostscript program
        to execute arbitrary commands.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to ghostscript-6.51-10.i386.rpm
                                        prior to ghostscript-doc-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-cid-6.51-10.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to ghostscript-6.51-10.i386.rpm
                                        prior to ghostscript-doc-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-cid-6.51-10.i386.rpm

        OpenLinux 3.1 Server            prior to ghostscript-6.51-10.i386.rpm
                                        prior to ghostscript-doc-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-cid-6.51-10.i386.rpm

        OpenLinux 3.1 Workstation       prior to ghostscript-6.51-10.i386.rpm
                                        prior to ghostscript-doc-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-6.51-10.i386.rpm
                                        prior to ghostscript-fonts-cid-6.51-10.i386.rpm


3. Solution

        The proper solution is to install the latest packages.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

        4.2 Packages

        cfabdbccacd4de0268ce15d1dd6a0408        ghostscript-6.51-10.i386.rpm
        f9bb38edc64d718f8b943d395de7c75a        ghostscript-doc-6.51-10.i386.rpm
        70a913d9427ce45367710498bab8e065        ghostscript-fonts-6.51-10.i386.rpm
        9e2f736b44b9bfa60e51c24847637d48        ghostscript-fonts-cid-6.51-10.i386.rpm

        4.3 Installation

        rpm -Fvh ghostscript-6.51-10.i386.rpm
        rpm -Fvh ghostscript-doc-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-cid-6.51-10.i386.rpm

        4.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

        4.5 Source Packages

        dba70bda415835cca29139d565936b3f        ghostscript-6.51-10.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

        5.2 Packages

        f8a0bf41a7dd801f6f98d50134143fbd        ghostscript-6.51-10.i386.rpm
        a2d8fbd76bc080146b1a1a964a218850        ghostscript-doc-6.51-10.i386.rpm
        bccaab1b0a9005ea7d36173e296b444e        ghostscript-fonts-6.51-10.i386.rpm
        dadf94bb7c6091cfb32d650a61e8864d        ghostscript-fonts-cid-6.51-10.i386.rpm

        5.3 Installation

        rpm -Fvh ghostscript-6.51-10.i386.rpm
        rpm -Fvh ghostscript-doc-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-cid-6.51-10.i386.rpm

        5.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

        5.5 Source Packages

        38ebafe42e38f5eae8207c4f52bbb90d        ghostscript-6.51-10.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

        6.2 Packages

        12aa5320c2331010736ce36a9fc1ef3d        ghostscript-6.51-10.i386.rpm
        1a40569d1a9598df507faae191e68c48        ghostscript-doc-6.51-10.i386.rpm
        f44b0f45f4864d2b357b02642c4cd249        ghostscript-fonts-6.51-10.i386.rpm
        e28affd61ec6bdc19e136c1355307e90        ghostscript-fonts-cid-6.51-10.i386.rpm

        6.3 Installation

        rpm -Fvh ghostscript-6.51-10.i386.rpm
        rpm -Fvh ghostscript-doc-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-cid-6.51-10.i386.rpm

        6.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

        6.5 Source Packages

        2e7ba1c536a23823a9c8072d793258af        ghostscript-6.51-10.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

        7.2 Packages

        53145cdba14975c68766ba720977c5cc        ghostscript-6.51-10.i386.rpm
        d9712806f0f65fba2d806dcc17bd02f6        ghostscript-doc-6.51-10.i386.rpm
        bbe1c3eea2309a42507c3e0cdab49cf0        ghostscript-fonts-6.51-10.i386.rpm
        4eae26e3e44aa27c0c32df3be32bf622        ghostscript-fonts-cid-6.51-10.i386.rpm

        7.3 Installation

        rpm -Fvh ghostscript-6.51-10.i386.rpm
        rpm -Fvh ghostscript-doc-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-6.51-10.i386.rpm
        rpm -Fvh ghostscript-fonts-cid-6.51-10.i386.rpm

        7.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

        7.5 Source Packages

        a51ce17775efda0a93f8cf82781f50c5        ghostscript-6.51-10.src.rpm


8. References

        Specific references for this advisory:
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0363
                http://www.ghostscript.com/pipermail/gs-code-review/2002-January/001801.html
                http://www.ghostscript.com/pipermail/gs-code-review/2002-February/001900.html
                http://www.redhat.com/support/errata/RHSA-2002-083.html

        Caldera security resources:
                http://www.caldera.com/support/security

        This security fix closes Caldera incidents sr865431, fz521132,
        erg712067.


9. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on this website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera products.

______________________________________________________________________________

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
  • Security Update: [CSSA-2002-026.0] Linux: ghostscript arbitrary command execution security (Jun 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]