
Vulnerability Bulletins


Insecure temporary file creation in Ghostscript

Vulnerability classification

Property Value
Confidence level Official
Impact Integrity
Difficulty Advanced
Required attacker level Remote access with an account

System information

Property Value
Affected manufacturer GNU/Linux
Affected software Ghostscript

Description

A vulnerability has been discovered in Ghostscript. It lies in the fact that the scripts pj-gs.sh, ps2epsi, pv.sh and sysvlp.sh create temporary files insecurely.

A local attacker could overwrite arbitrary files to which the victim running the application has write permission, by means of a symbolic link attack.
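As an added illustration (not code from this bulletin or from Ghostscript), the shell pattern behind this class of bug beside its hardened form, plus a small audit helper that flags hard-coded /tmp paths when reviewing scripts; the ps2epsi-style file prefix and the audited script names are hypothetical.

```sh
#!/bin/sh
# Added example, not code from the advisory or from Ghostscript. The temp-file
# prefix and audit targets are hypothetical.

# Unsafe pattern the advisory describes: a predictable name under /tmp written
# with a plain redirect. If that path already exists as a symlink planted by
# another local user, the write lands on the link's target.
unsafe_tmpfile() {
    tmp="/tmp/ps2epsi$$"            # $$ is guessable; no exclusive create
    printf '%s\n' "$1" > "$tmp"     # follows an existing symlink
    printf '%s\n' "$tmp"
}

# Hardened form: mktemp picks an unpredictable name, creates the file with
# O_EXCL so an existing path (symlink or not) makes it fail instead of being
# followed, and sets mode 0600. Callers remove the file when done (trap EXIT).
safe_tmpfile() {
    tmp=$(mktemp "${TMPDIR:-/tmp}/ps2epsi.XXXXXX") || return 1
    printf '%s\n' "$1" > "$tmp"
    printf '%s\n' "$tmp"
}

# Audit helper for script review: counts lines that build a path under /tmp
# without going through mktemp. A non-zero count is worth a closer look.
count_unsafe_tmp() {
    grep -E '(^|[^[:alnum:]/])/tmp/[[:alnum:]._-]+' "$1" \
        | grep -vc 'mktemp' || true
}
```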

Solution

Software update

Red Hat

Red Hat Desktop (v. 3) / SRPMS
ghostscript-7.05-32.1.10.src.rpm

Red Hat Desktop (v. 3) / IA-32
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-devel-7.05-32.1.10.i386.rpm
hpijs-1.3-32.1.10.i386.rpm

Red Hat Desktop (v. 3) / x86_64
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-7.05-32.1.10.x86_64.rpm
ghostscript-devel-7.05-32.1.10.x86_64.rpm
hpijs-1.3-32.1.10.x86_64.rpm

Red Hat Enterprise Linux AS (v. 3) / SRPMS
ghostscript-7.05-32.1.10.src.rpm

Red Hat Enterprise Linux AS (v. 3) / IA-32
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-devel-7.05-32.1.10.i386.rpm
hpijs-1.3-32.1.10.i386.rpm

Red Hat Enterprise Linux AS (v. 3) / IA-64
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-7.05-32.1.10.ia64.rpm
ghostscript-devel-7.05-32.1.10.ia64.rpm
hpijs-1.3-32.1.10.ia64.rpm

Red Hat Enterprise Linux AS (v. 3) / PPC
ghostscript-7.05-32.1.10.ppc.rpm
ghostscript-7.05-32.1.10.ppc64.rpm
ghostscript-devel-7.05-32.1.10.ppc.rpm
hpijs-1.3-32.1.10.ppc.rpm

Red Hat Enterprise Linux AS (v. 3) / s390
ghostscript-7.05-32.1.10.s390.rpm
ghostscript-devel-7.05-32.1.10.s390.rpm
hpijs-1.3-32.1.10.s390.rpm

Red Hat Enterprise Linux AS (v. 3) / s390x
ghostscript-7.05-32.1.10.s390.rpm
ghostscript-7.05-32.1.10.s390x.rpm
ghostscript-devel-7.05-32.1.10.s390x.rpm
hpijs-1.3-32.1.10.s390x.rpm

Red Hat Enterprise Linux AS (v. 3) / x86_64
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-7.05-32.1.10.x86_64.rpm
ghostscript-devel-7.05-32.1.10.x86_64.rpm
hpijs-1.3-32.1.10.x86_64.rpm

Red Hat Enterprise Linux ES (v. 3) / SRPMS
ghostscript-7.05-32.1.10.src.rpm

Red Hat Enterprise Linux ES (v. 3) / IA-32
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-devel-7.05-32.1.10.i386.rpm
hpijs-1.3-32.1.10.i386.rpm

Red Hat Enterprise Linux ES (v. 3) / IA-64
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-7.05-32.1.10.ia64.rpm
ghostscript-devel-7.05-32.1.10.ia64.rpm
hpijs-1.3-32.1.10.ia64.rpm

Red Hat Enterprise Linux ES (v. 3) / x86_64
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-7.05-32.1.10.x86_64.rpm
ghostscript-devel-7.05-32.1.10.x86_64.rpm
hpijs-1.3-32.1.10.x86_64.rpm

Red Hat Enterprise Linux WS (v. 3) / SRPMS
ghostscript-7.05-32.1.10.src.rpm

Red Hat Enterprise Linux WS (v. 3) / IA-32
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-devel-7.05-32.1.10.i386.rpm
hpijs-1.3-32.1.10.i386.rpm

Red Hat Enterprise Linux WS (v. 3) / IA-64
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-7.05-32.1.10.ia64.rpm
ghostscript-devel-7.05-32.1.10.ia64.rpm
hpijs-1.3-32.1.10.ia64.rpm

Red Hat Enterprise Linux WS (v. 3) / x86_64
ghostscript-7.05-32.1.10.i386.rpm
ghostscript-7.05-32.1.10.x86_64.rpm
ghostscript-devel-7.05-32.1.10.x86_64.rpm
hpijs-1.3-32.1.10.x86_64.rpm

SGI
Advanced Linux Environment 3 / RPM / Patch 10227
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
Advanced Linux Environment 3 / SRPM / Patch 10227
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS

SCO
OpenServer 6.0.0
ftp://ftp.sco.com/pub/openserver6/600/mp/osr600mp2/osr600mp2.iso
UnixWare 7.1.4
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.23/p533156.714.image

Standard resources

Property Value
CVE CVE-2004-0967
BID 11285

Other resources

Red Hat Security Advisory (RHSA-2005:081-11)
https://rhn.redhat.com/errata/RHSA-2005-081.html

SGI Security Advisory (20051002-01-U)
ftp://patches.sgi.com/support/free/security/advisories/20051002-01-U.asc

SCO Security Advisory (SCOSA-2006.19)
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.19/SCOSA-2006.19.txt

SCO Security Advisory SCOSA-2006.23
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.23/SCOSA-2006.23.txt

Version history

Version Comments Date
1.0 Advisory issued 2005-10-04
1.1 Advisory issued by SGI (20051002-01-U) 2005-10-21
1.2 Advisory issued by SCO (SCOSA-2006.19) 2006-04-24
1.3 Advisory issued by SCO (SCOSA-2006.23) 2006-05-10
CCN-CERT (CCN, CNI, Ministerio de Defensa)