Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2017.1101
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2017-1101)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'ghostscript' package(s) announced via the EulerOS-SA-2017-1101 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'ghostscript' package(s) announced via the EulerOS-SA-2017-1101 advisory. Vulnerability Insight: It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. (CVE-2017-8291) Affected Software/OS: 'ghostscript' package(s) on Huawei EulerOS V2.0SP2. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-8291 BugTraq ID: 98476 http://www.securityfocus.com/bid/98476 Debian Security Information: DSA-3838 (Google Search) http://www.debian.org/security/2017/dsa-3838 https://www.exploit-db.com/exploits/41955/ https://security.gentoo.org/glsa/201708-06 http://openwall.com/lists/oss-security/2017/04/28/2 https://bugs.ghostscript.com/show_bug.cgi?id=697808 https://bugzilla.redhat.com/show_bug.cgi?id=1446063 https://bugzilla.suse.com/show_bug.cgi?id=1036453 RedHat Security Advisories: RHSA-2017:1230 https://access.redhat.com/errata/RHSA-2017:1230
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.