ID de Prueba:	1.3.6.1.4.1.25623.1.0.882982
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for ghostscript CESA-2018:3761 centos7
Resumen:	The remote host is missing an update for the 'ghostscript'; package(s) announced via the CESA-2018:3761 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ghostscript' package(s) announced via the CESA-2018:3761 advisory. Vulnerability Insight: The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: incomplete fix for CVE-2018-16509 (CVE-2018-16863) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Previously, the flushpage operator has been removed as part of a major clean-up of a non-standard operator. However, flushpage has been found to be used in a few specific use cases. With this update, it has been re-added to support those use cases. (BZ#1654290) Affected Software/OS: ghostscript on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16863 RHSA-2018:3761 https://access.redhat.com/errata/RHSA-2018:3761 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=520bb0ea7519 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=5516c614dc33 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=78911a01b67d http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=79cccf641486 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16863 Common Vulnerability Exposure (CVE) ID: CVE-2018-16509 BugTraq ID: 105122 http://www.securityfocus.com/bid/105122 Debian Security Information: DSA-4294 (Google Search) https://www.debian.org/security/2018/dsa-4294 https://www.exploit-db.com/exploits/45369/ https://security.gentoo.org/glsa/201811-12 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5516c614dc33662a2afdc377159f70218e67bde5 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=78911a01b67d590b4a91afac2e8417360b934156 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=79cccf641486a6595c43f1de1cd7ade696020a31 http://seclists.org/oss-sec/2018/q3/142 https://bugs.ghostscript.com/show_bug.cgi?id=699654 https://www.artifex.com/news/ghostscript-security-resolved/ https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html RedHat Security Advisories: RHSA-2018:2918 https://access.redhat.com/errata/RHSA-2018:2918 RedHat Security Advisories: RHSA-2018:3760 https://access.redhat.com/errata/RHSA-2018:3760 https://usn.ubuntu.com/3768-1/
Copyright	Copyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.