 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.51228 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Security Advisory RHSA-2002:211 |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing updates announced in advisory RHSA-2002:211. Updated packages for gv, ggv, and kdegraphics fix a local buffer overflow when reading malformed PDF or PostScript files. [Updated 07 Jan 2003] Added fixed packages for the Itanium (IA64) architecture. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1 Gv and ggv are user interfaces for the Ghostscript PostScript(R) interpreter used to display PostScript and PDF documents on an X Window System. KGhostview is the PostScript viewer for the K Desktop Environment. Zen Parse found a local buffer overflow in gv version 3.5.8 and earlier. An attacker can create a carefully crafted malformed PDF or PostScript file in such a way that when that file is viewed arbitrary commands can be executed. ggv and kghostview contain code derived from gv and therefore have the same vulnerability. All users of gv, ggv, and kghostview are advised to upgrade to the errata packages which contain patches to correct the vulnerability. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2002-211.html http://marc.theaimsgroup.com/?l=bugtraq&m=103305778615625&w=2 Risk factor : Medium CVSS Score: 4.6 |
| Cross-Ref: |
BugTraq ID: 5808 Common Vulnerability Exposure (CVE) ID: CVE-2002-0838 http://www.securityfocus.com/bid/5808 Bugtraq: 20020926 Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search) http://marc.info/?l=bugtraq&m=103305778615625&w=2 Bugtraq: 20020926 iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search) http://marc.info/?l=bugtraq&m=103305615613319&w=2 Bugtraq: 20021017 GLSA: ggv (Google Search) http://marc.info/?l=bugtraq&m=103487806800388&w=2 Caldera Security Advisory: CSSA-2002-053.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-053.0.txt CERT/CC vulnerability note: VU#600777 http://www.kb.cert.org/vuls/id/600777 Conectiva Linux advisory: CLA-2002:542 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000542 Debian Security Information: DSA-176 (Google Search) http://www.debian.org/security/2002/dsa-176 Debian Security Information: DSA-179 (Google Search) http://www.debian.org/security/2002/dsa-179 Debian Security Information: DSA-182 (Google Search) http://www.debian.org/security/2002/dsa-182 http://www.mandriva.com/security/advisories?name=MDKSA-2002:069 http://www.mandriva.com/security/advisories?name=MDKSA-2002:071 http://www.redhat.com/support/errata/RHSA-2002-207.html http://www.redhat.com/support/errata/RHSA-2002-212.html http://www.redhat.com/support/errata/RHSA-2002-220.html http://www.iss.net/security_center/static/10201.php |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |