ID de Prueba:	1.3.6.1.4.1.25623.1.0.60712
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0155
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0155. Ghostscript is a program for displaying PostScript files, or printing them to non-PostScript printers. Chris Evans from the Google Security Team reported a stack-based buffer overflow flaw in Ghostscript's zseticcspace() function. An attacker could create a malicious PostScript file that would cause Ghostscript to execute arbitrary code when opened. (CVE-2008-0411) These updated packages also fix a bug, which prevented the pxlmono printer driver from producing valid output on Red Hat Enterprise Linux 4. All users of ghostscript are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0155.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0411 BugTraq ID: 28017 http://www.securityfocus.com/bid/28017 Bugtraq: 20080228 Ghostscript buffer overflow (Google Search) http://www.securityfocus.com/archive/1/488946/100/0/threaded Bugtraq: 20080228 rPSA-2008-0082-1 espgs (Google Search) http://www.securityfocus.com/archive/1/488932/100/0/threaded Debian Security Information: DSA-1510 (Google Search) http://www.debian.org/security/2008/dsa-1510 https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:055 http://scary.beasts.org/security/CESA-2008-001.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557 http://www.redhat.com/support/errata/RHSA-2008-0155.html http://www.securitytracker.com/id?1019511 http://secunia.com/advisories/29101 http://secunia.com/advisories/29103 http://secunia.com/advisories/29112 http://secunia.com/advisories/29135 http://secunia.com/advisories/29147 http://secunia.com/advisories/29154 http://secunia.com/advisories/29169 http://secunia.com/advisories/29196 http://secunia.com/advisories/29314 http://secunia.com/advisories/29768 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370633 SuSE Security Announcement: SUSE-SA:2008:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html http://www.ubuntu.com/usn/usn-599-1 http://www.vupen.com/english/advisories/2008/0693/references
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.