首页 -> 安全研究
安全研究
安全漏洞
Ghostscript PostScript文件本地可执行任意命令漏洞
发布日期:2002-06-06
更新日期:2002-06-10
受影响系统:
Aladdin Enterprises Ghostscript 5.50不受影响系统:
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 x86
- RedHat Linux 7.1 alpha
- RedHat Linux 7.0 alpha
- RedHat Linux 7.0
- RedHat Linux 7.0 sparc
- RedHat Linux 7.0 x86
- RedHat Linux 6.2 x86
- RedHat Linux 6.2 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2
Aladdin Enterprises Ghostscript 6.51
- RedHat Linux 7.3 x86
- RedHat Linux 7.2 ia64
- RedHat Linux 7.2
- RedHat Linux 7.2 x86
- RedHat Linux 7.1 x86
- RedHat Linux 7.1
- RedHat Linux 7.1 alpha
- RedHat Linux 7.1 ia64
- RedHat Linux 7.0 x86
- RedHat Linux 7.0 alpha
- RedHat Linux 7.0
- RedHat Linux 7.0 sparc
- RedHat Linux 6.2
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 x86
- RedHat Linux 6.2 alpha
Aladdin Enterprises Ghostscript 6.52
- RedHat Linux 7.3 x86
- RedHat Linux 7.2
- RedHat Linux 7.2 x86
- RedHat Linux 7.2 ia64
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 x86
- RedHat Linux 7.1
- RedHat Linux 7.1 alpha
- RedHat Linux 7.0 sparc
- RedHat Linux 7.0 x86
- RedHat Linux 7.0 alpha
- RedHat Linux 7.0
- RedHat Linux 6.2
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 x86
- RedHat Linux 6.2 alpha
Aladdin Enterprises Ghostscript 6.53描述:
BUGTRAQ ID: 4937
CVE(CAN) ID: CVE-2002-0363
Ghostscript是一款免费开放源代码的显示PostScript文件或者打印到不支持PostScript文件类型打印机的程序。
Ghostscript对用户提交的文件内容缺少正确的检查,可导致本地攻击者当文件被打印时执行任意命令。
恶意格式的PostScript文件当被Ghostscript用于打印时,可导致执行任意命令,通过在文件中使用.locksafe或者.setsafe功能可以重设当前页面设备,导致攻击者可以在页面打印时以lp用户的权限在系统上执行任意命令。
<*来源:bugzilla@redhat.com (bugzilla@redhat.com)
链接:http://www.ghostscript.com/pipermail/gs-code-review/2002-February/001900.html
https://www.redhat.com/support/errata/RHSA-2002-083.html
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 加强本地用户管理,只允许可信用户访问。
厂商补丁:
HP
--
HP已经为此发布了一个安全公告(HPSBTL0602-047)以及相应补丁:
HPSBTL0602-047:Security vulnerability in ghostscript
HP建立采用RedHat Advisory RHSA-2002:083公告中所提供的补丁程序。
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2002:083-22)以及相应补丁:
RHSA-2002:083-22:Ghostscript command execution vulnerability
链接:https://www.redhat.com/support/errata/RHSA-2002-083.html
补丁下载:
Red Hat Linux 6.2:
SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/ghostscript-6.51-16.1.6x.1.src.rpm
ftp://updates.redhat.com/6.2/en/os/SRPMS/VFlib2-2.25.1-11.6x.src.rpm
ftp://updates.redhat.com/6.2/en/os/SRPMS/xtt-fonts-0.19990222-8.6x.src.rpm
alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/ghostscript-6.51-16.1.6x.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/VFlib2-2.25.1-11.6x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/VFlib2-devel-2.25.1-11.6x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/VFlib2-VFjfm-2.25.1-11.6x.alpha.rpm
i386:
ftp://updates.redhat.com/6.2/en/os/i386/ghostscript-6.51-16.1.6x.1.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/VFlib2-2.25.1-11.6x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/VFlib2-devel-2.25.1-11.6x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/VFlib2-VFjfm-2.25.1-11.6x.i386.rpm
noarch:
ftp://updates.redhat.com/6.2/en/os/noarch/xtt-fonts-0.19990222-8.6x.noarch.rpm
sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/ghostscript-6.51-16.1.6x.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/VFlib2-2.25.1-11.6x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/VFlib2-devel-2.25.1-11.6x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/VFlib2-VFjfm-2.25.1-11.6x.sparc.rpm
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/ghostscript-6.51-16.1.7x.src.rpm
ftp://updates.redhat.com/7.0/en/os/SRPMS/VFlib2-2.25.1-12.src.rpm
ftp://updates.redhat.com/7.0/en/os/SRPMS/xtt-fonts-0.19990222-9.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/ghostscript-6.51-16.1.7x.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/VFlib2-2.25.1-12.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/VFlib2-devel-2.25.1-12.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/VFlib2-VFjfm-2.25.1-12.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/ghostscript-6.51-16.1.7x.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/VFlib2-2.25.1-12.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/VFlib2-devel-2.25.1-12.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/VFlib2-VFjfm-2.25.1-12.i386.rpm
noarch:
ftp://updates.redhat.com/7.0/en/os/noarch/xtt-fonts-0.19990222-9.noarch.rpm
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/ghostscript-6.51-16.1.7x.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/ghostscript-6.51-16.1.7x.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/ghostscript-6.51-16.1.7x.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/ghostscript-6.51-16.1.7x.ia64.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/ghostscript-6.51-16.2.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/printconf-0.3.61-4.1.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/ghostscript-6.51-16.2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/printconf-0.3.61-4.1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/printconf-gui-0.3.61-4.1.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/ghostscript-6.51-16.2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/printconf-0.3.61-4.1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/printconf-gui-0.3.61-4.1.ia64.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/ghostscript-6.52-9.4.src.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/ghostscript-6.52-9.4.i386.rpm
可使用下列命令安装补丁:
rpm -Fvh [文件名]
浏览次数:3690
严重程度:0(网友投票)
绿盟科技给您安全的保障