Test ID:	1.3.6.1.4.1.25623.1.0.63874
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDVSA-2009:096 (printer-drivers)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to printer-drivers announced via advisory MDVSA-2009:096. A buffer underflow in Ghostscript's CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file (CVE-2007-6725). Multiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbirary code by using either a PostScript or PDF file with crafte embedded images (CVE-2009-0583, CVE-2009-0584). Multiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbirary code by using either a PostScript or PDF file with crafte embedded images. Note: this issue exists because of an incomplete fix for CVE-2009-0583 (CVE-2009-0792). This update provides fixes for that vulnerabilities. Affected: Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2009:096 CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6725 BugTraq ID: 34337 http://www.securityfocus.com/bid/34337 Bugtraq: 20090417 rPSA-2009-0060-1 ghostscript (Google Search) http://www.securityfocus.com/archive/1/502757/100/0/threaded http://www.mail-archive.com/fedora-package-announce@redhat.com/msg11830.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:095 http://www.mandriva.com/security/advisories?name=MDVSA-2009:096 http://www.openwall.com/lists/oss-security/2009/04/01/10 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9507 http://www.redhat.com/support/errata/RHSA-2009-0420.html http://www.redhat.com/support/errata/RHSA-2009-0421.html http://secunia.com/advisories/34726 http://secunia.com/advisories/34729 http://secunia.com/advisories/34732 http://secunia.com/advisories/35416 http://secunia.com/advisories/35559 http://secunia.com/advisories/35569 http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1 SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html https://usn.ubuntu.com/757-1/ http://www.vupen.com/english/advisories/2009/1708 Common Vulnerability Exposure (CVE) ID: CVE-2009-0583 AUSCERT Advisory: ESB-2009.0259 http://www.auscert.org.au/render.html?it=10666 BugTraq ID: 34184 http://www.securityfocus.com/bid/34184 Bugtraq: 20090319 rPSA-2009-0050-1 ghostscript (Google Search) http://www.securityfocus.com/archive/1/501994/100/0/threaded Debian Security Information: DSA-1746 (Google Search) http://www.debian.org/security/2009/dsa-1746 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10795 http://www.redhat.com/support/errata/RHSA-2009-0345.html http://securitytracker.com/id?1021868 http://secunia.com/advisories/34266 http://secunia.com/advisories/34373 http://secunia.com/advisories/34381 http://secunia.com/advisories/34393 http://secunia.com/advisories/34398 http://secunia.com/advisories/34418 http://secunia.com/advisories/34437 http://secunia.com/advisories/34443 http://secunia.com/advisories/34469 SuSE Security Announcement: SUSE-SR:2009:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://www.ubuntu.com/usn/USN-743-1 http://www.vupen.com/english/advisories/2009/0776 http://www.vupen.com/english/advisories/2009/0777 http://www.vupen.com/english/advisories/2009/0816 XForce ISS Database: ghostscript-icclib-native-color-bo(49329) https://exchange.xforce.ibmcloud.com/vulnerabilities/49329 Common Vulnerability Exposure (CVE) ID: CVE-2009-0584 http://osvdb.org/52988 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10544 XForce ISS Database: ghostscript-icclib-bo(49327) https://exchange.xforce.ibmcloud.com/vulnerabilities/49327 Common Vulnerability Exposure (CVE) ID: CVE-2009-0792 https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00211.html https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00217.html https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00460.html https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00461.html http://security.gentoo.org/glsa/glsa-201412-17.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11207 http://secunia.com/advisories/34667 http://secunia.com/advisories/34711 SuSE Security Announcement: SUSE-SR:2009:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html XForce ISS Database: ghostscript-icc-bo(50381) https://exchange.xforce.ibmcloud.com/vulnerabilities/50381
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.