ID de Prueba:	1.3.6.1.4.1.25623.1.0.63692
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200903-37 (ghostscript-gpl ghostscript-esp ghostscript-gnu)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200903-37.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200903-37. Vulnerability Insight: Multiple integer overflows in the Ghostscript ICC library might allow for user-assisted execution of arbitrary code. Solution: All GPL Ghostscript users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/ghostscript-gpl-8.64-r2' All GNU Ghostscript users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/ghostscript-gnu-8.62.0' We recommend that users unmerge ESP Ghostscript and use GPL or GNU Ghostscript instead: # emerge --unmerge 'app-text/ghostscript-esp' For installation instructions, see above. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0583 1021868 http://securitytracker.com/id?1021868 20090319 rPSA-2009-0050-1 ghostscript http://www.securityfocus.com/archive/1/501994/100/0/threaded 262288 http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1 34184 http://www.securityfocus.com/bid/34184 34266 http://secunia.com/advisories/34266 34373 http://secunia.com/advisories/34373 34381 http://secunia.com/advisories/34381 34393 http://secunia.com/advisories/34393 34398 http://secunia.com/advisories/34398 34418 http://secunia.com/advisories/34418 34437 http://secunia.com/advisories/34437 34443 http://secunia.com/advisories/34443 34469 http://secunia.com/advisories/34469 34729 http://secunia.com/advisories/34729 35559 http://secunia.com/advisories/35559 35569 http://secunia.com/advisories/35569 ADV-2009-0776 http://www.vupen.com/english/advisories/2009/0776 ADV-2009-0777 http://www.vupen.com/english/advisories/2009/0777 ADV-2009-0816 http://www.vupen.com/english/advisories/2009/0816 ADV-2009-1708 http://www.vupen.com/english/advisories/2009/1708 DSA-1746 http://www.debian.org/security/2009/dsa-1746 ESB-2009.0259 http://www.auscert.org.au/render.html?it=10666 FEDORA-2009-2883 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html FEDORA-2009-2885 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html FEDORA-2009-3011 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html FEDORA-2009-3031 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html GLSA-200903-37 http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml MDVSA-2009:095 http://www.mandriva.com/security/advisories?name=MDVSA-2009:095 MDVSA-2009:096 http://www.mandriva.com/security/advisories?name=MDVSA-2009:096 RHSA-2009:0345 http://www.redhat.com/support/errata/RHSA-2009-0345.html SUSE-SR:2009:007 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html USN-743-1 http://www.ubuntu.com/usn/USN-743-1 USN-757-1 https://usn.ubuntu.com/757-1/ ghostscript-icclib-native-color-bo(49329) https://exchange.xforce.ibmcloud.com/vulnerabilities/49329 http://bugs.gentoo.org/show_bug.cgi?id=261087 http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050 https://bugzilla.redhat.com/show_bug.cgi?id=487742 https://issues.rpath.com/browse/RPL-2991 oval:org.mitre.oval:def:10795 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10795 Common Vulnerability Exposure (CVE) ID: CVE-2009-0584 52988 http://osvdb.org/52988 ghostscript-icclib-bo(49327) https://exchange.xforce.ibmcloud.com/vulnerabilities/49327 https://bugzilla.redhat.com/show_bug.cgi?id=487744 oval:org.mitre.oval:def:10544 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10544
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.