Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2020-2309.NASLHistoryNov 02, 2020 - 12:00 a.m.
EulerOS 2.0 SP8 : ghostscript (EulerOS-SA-2020-2309)
2020-11-0200:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.7%
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
- This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems’ PostScript (PS) and Portable Document Format (PDF) page description languages. Its primary purpose includes displaying (rasterization & rendering) and printing of document pages, as well as conversions between different document formats.Security Fix(es):A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-17538)A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16310)A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file.
(CVE-2020-16309)A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16308)A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. (CVE-2020-16307)A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. (CVE-2020-16306)A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16305)A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file.
(CVE-2020-16304)A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16301)A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16300)A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16299)A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16298)A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16297)A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16296)A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16295)A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16294)A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_com mon() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16293)A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16292)A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16291)A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16290)A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16289)A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2020-16288)A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
(CVE-2020-16287)A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.(CVE-2020-14373)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(142175);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/13");
script_cve_id(
"CVE-2020-14373",
"CVE-2020-16287",
"CVE-2020-16288",
"CVE-2020-16289",
"CVE-2020-16290",
"CVE-2020-16291",
"CVE-2020-16292",
"CVE-2020-16293",
"CVE-2020-16294",
"CVE-2020-16295",
"CVE-2020-16296",
"CVE-2020-16297",
"CVE-2020-16298",
"CVE-2020-16299",
"CVE-2020-16300",
"CVE-2020-16301",
"CVE-2020-16304",
"CVE-2020-16305",
"CVE-2020-16306",
"CVE-2020-16307",
"CVE-2020-16308",
"CVE-2020-16309",
"CVE-2020-16310",
"CVE-2020-17538"
);
script_name(english:"EulerOS 2.0 SP8 : ghostscript (EulerOS-SA-2020-2309)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the ghostscript packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- This package provides useful conversion utilities based
on Ghostscript software, for converting PS, PDF and
other document formats between each other. Ghostscript
is a suite of software providing an interpreter for
Adobe Systems' PostScript (PS) and Portable Document
Format (PDF) page description languages. Its primary
purpose includes displaying (rasterization & rendering)
and printing of document pages, as well as conversions
between different document formats.Security Fix(es):A
buffer overflow vulnerability in GetNumSameData() in
contrib/lips4/gdevlips.c of Artifex Software
GhostScript v9.50 allows a remote attacker to cause a
denial of service via a crafted PDF file.
(CVE-2020-17538)A division by zero vulnerability in
dot24_print_page() in devices/gdevdm24.c of Artifex
Software GhostScript v9.50 allows a remote attacker to
cause a denial of service via a crafted PDF file.
(CVE-2020-16310)A buffer overflow vulnerability in
lxm5700m_print_page() in devices/gdevlxm.c of Artifex
Software GhostScript v9.50 allows a remote attacker to
cause a denial of service via a crafted eps file.
(CVE-2020-16309)A buffer overflow vulnerability in
p_print_image() in devices/gdevcdj.c of Artifex
Software GhostScript v9.50 allows a remote attacker to
cause a denial of service via a crafted PDF file.
(CVE-2020-16308)A null pointer dereference
vulnerability in devices/vector/gdevtxtw.c and
psi/zbfont.c of Artifex Software GhostScript v9.50
allows a remote attacker to cause a denial of service
via a crafted postscript file. (CVE-2020-16307)A null
pointer dereference vulnerability in devices/gdevtsep.c
of Artifex Software GhostScript v9.50 allows a remote
attacker to cause a denial of service via a crafted
postscript file. (CVE-2020-16306)A buffer overflow
vulnerability in pcx_write_rle() in
contrib/japanese/gdev10v.c of Artifex Software
GhostScript v9.50 allows a remote attacker to cause a
denial of service via a crafted PDF file.
(CVE-2020-16305)A buffer overflow vulnerability in
image_render_color_thresh() in base/gxicolor.c of
Artifex Software GhostScript v9.50 allows a remote
attacker to escalate privileges via a crafted eps file.
(CVE-2020-16304)A buffer overflow vulnerability in
okiibm_print_page1() in devices/gdevokii.c of Artifex
Software GhostScript v9.50 allows a remote attacker to
cause a denial of service via a crafted PDF file.
(CVE-2020-16301)A buffer overflow vulnerability in
tiff12_print_page() in devices/gdevtfnx.c of Artifex
Software GhostScript v9.50 allows a remote attacker to
cause a denial of service via a crafted PDF file.
(CVE-2020-16300)A Division by Zero vulnerability in
bj10v_print_page() in contrib/japanese/gdev10v.c of
Artifex Software GhostScript v9.50 allows a remote
attacker to cause a denial of service via a crafted PDF
file. (CVE-2020-16299)A buffer overflow vulnerability
in mj_color_correct() in contrib/japanese/gdevmjc.c of
Artifex Software GhostScript v9.50 allows a remote
attacker to cause a denial of service via a crafted PDF
file. (CVE-2020-16298)A buffer overflow vulnerability
in FloydSteinbergDitheringC() in contrib/gdevbjca.c of
Artifex Software GhostScript v9.50 allows a remote
attacker to cause a denial of service via a crafted PDF
file. (CVE-2020-16297)A buffer overflow vulnerability
in GetNumWrongData() in contrib/lips4/gdevlips.c of
Artifex Software GhostScript v9.50 allows a remote
attacker to cause a denial of service via a crafted PDF
file. (CVE-2020-16296)A null pointer dereference
vulnerability in clj_media_size() in devices/gdevclj.c
of Artifex Software GhostScript v9.50 allows a remote
attacker to cause a denial of service via a crafted PDF
file. (CVE-2020-16295)A buffer overflow vulnerability
in epsc_print_page() in devices/gdevepsc.c of Artifex
Software GhostScript v9.50 allows a remote attacker to
cause a denial of service via a crafted PDF file.
(CVE-2020-16294)A null pointer dereference
vulnerability in
compose_group_nonknockout_nonblend_isolated_allmask_com
mon() in base/gxblend.c of Artifex Software GhostScript
v9.50 allows a remote attacker to cause a denial of
service via a crafted PDF file. (CVE-2020-16293)A
buffer overflow vulnerability in mj_raster_cmd() in
contrib/japanese/gdevmjc.c of Artifex Software
GhostScript v9.50 allows a remote attacker to cause a
denial of service via a crafted PDF file.
(CVE-2020-16292)A buffer overflow vulnerability in
contrib/gdevdj9.c of Artifex Software GhostScript v9.50
allows a remote attacker to cause a denial of service
via a crafted PDF file. (CVE-2020-16291)A buffer
overflow vulnerability in jetp3852_print_page() in
devices/gdev3852.c of Artifex Software GhostScript
v9.50 allows a remote attacker to cause a denial of
service via a crafted PDF file. (CVE-2020-16290)A
buffer overflow vulnerability in cif_print_page() in
devices/gdevcif.c of Artifex Software GhostScript v9.50
allows a remote attacker to cause a denial of service
via a crafted PDF file. (CVE-2020-16289)A buffer
overflow vulnerability in pj_common_print_page() in
devices/gdevpjet.c of Artifex Software GhostScript
v9.50 allows a remote attacker to cause a denial of
service via a crafted PDF file. (CVE-2020-16288)A
buffer overflow vulnerability in lprn_is_black() in
contrib/lips4/gdevlprn.c of Artifex Software
GhostScript v9.50 allows a remote attacker to cause a
denial of service via a crafted PDF file.
(CVE-2020-16287)A use after free was found in
igc_reloc_struct_ptr() of psi/igc.c of
ghostscript-9.25. A local attacker could supply a
specially crafted PDF file to cause a denial of
service.(CVE-2020-14373)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2309
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f08c94c9");
script_set_attribute(attribute:"solution", value:
"Update the affected ghostscript packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-17538");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"patch_publication_date", value:"2020/11/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/11/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ghostscript");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libgs");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
flag = 0;
pkgs = ["ghostscript-9.25-1.h10.eulerosv2r8",
"libgs-9.25-1.h10.eulerosv2r8"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ghostscript");
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14373
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16287
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16288
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16289
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16290
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16291
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16292
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16293
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16294
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16295
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16296
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16297
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16298
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16299
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16300
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16301
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16304
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16305
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16306
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16307
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16308
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16309
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16310
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17538
www.nessus.org/u?f08c94c9
Related
openvas
openvas
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1067)
2021-01-19 00:00:00
Debian: Security Advisory (DLA-2335-1)
2020-08-21 00:00:00
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1041)
2021-01-08 00:00:00
nessus
nessus
EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2021-1067)
2021-01-20 00:00:00
Debian DSA-4748-1 : ghostscript - security update
2020-08-26 00:00:00
rocky
rocky
ghostscript security, bug fix, and enhancement update
2021-05-18 06:14:55
almalinux
almalinux
Moderate: ghostscript security, bug fix, and enhancement update
2021-05-18 06:14:55
debian
debian
[SECURITY] [DLA 2335-1] ghostscript security update
2020-08-20 16:31:48
[SECURITY] [DSA 4748-1] ghostscript security update
2020-08-25 19:27:37
osv
osv
Moderate: ghostscript security, bug fix, and enhancement update
2021-05-18 06:14:55
Moderate: ghostscript security, bug fix, and enhancement update
2021-05-18 06:14:55
ghostscript - security update
2020-08-25 00:00:00
ubuntu
ubuntu
Ghostscript vulnerabilities
2020-08-24 00:00:00
mageia
mageia
Updated ghostscript packages fix security vulnerabilities
2020-08-25 11:13:25
oraclelinux
oraclelinux
ghostscript security, bug fix, and enhancement update
2021-05-25 00:00:00
redhat
redhat
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2020-08-29 00:00:00
ubuntucve
ubuntucve
prion
prion
Null pointer dereference
2020-08-13 03:15:00
Null pointer dereference
2020-08-13 03:15:00
Double free
2020-09-03 18:15:00
nvd
nvd
cve
cve
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2020-12-06 03:50:30
CVE-2020-16289
2020-12-06 03:25:56
Denial Of Service (DoS)
2020-12-06 03:28:33
alpinelinux
alpinelinux
cvelist
cvelist
debiancve
debiancve
amazon
amazon
Medium: ghostscript
2023-10-12 15:48:00
Medium: ghostscript
2023-09-13 23:44:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.7%
Related for EULEROS_SA-2020-2309.NASL