漏洞信息详情

NetPBM PSToPNM 任意代码执行漏洞

• CNNVD编号：CNNVD-200508-059
• 危害等级： 高危
  
• CVE编号： CVE-2005-2471
• 漏洞类型： 设计错误
• 发布时间： 2005-08-05
• 威胁类型： 远程
• 更新时间： 2006-08-28
• 厂        商： netpbm
• 漏洞来源： reported this issue.');">Max Vozeler <>

漏洞简介

当调用Ghostscript将PostScript文件转换成(1) PBM，(2) PGM或(3)PNM文件时，netpbm中的pstopnm不能正确地使用\"-dSAFER\"选项。这使得外部用户辅助攻击者可以执行任意的命令。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Conectiva Linux 10.0

Conectiva postgresql-7.4.2-57056U10_1cl.i386.rpm

Conectiva 10

ftp://atualizacoes.conectiva.com.br/10/RPMS/postgresql-7.4.2-57056U10_ 1cl.i386.rpm

Conectiva postgresql-clients-7.4.2-57056U10_1cl.i386.rpm

Conectiva 10

ftp://atualizacoes.conectiva.com.br/10/RPMS/postgresql-clients-7.4.2-5 7056U10_1cl.i386.rpm

Conectiva postgresql-contrib-7.4.2-57056U10_1cl.i386.rpm

Conectiva 10

ftp://atualizacoes.conectiva.com.br/10/RPMS/postgresql-contrib-7.4.2-5 7056U10_1cl.i386.rpm

Conectiva postgresql-devel-static-7.4.2-57056U10_1cl.i386.rpm

Conectiva 10

ftp://atualizacoes.conectiva.com.br/10/RPMS/postgresql-devel-static-7. 4.2-57056U10_1cl.i386.rpm

Conectiva postgresql-doc-7.4.2-57056U10_1cl.i386.rpm

Conectiva 10

ftp://atualizacoes.conectiva.com.br/10/RPMS/postgresql-doc-7.4.2-57056 U10_1cl.i386.rpm

Conectiva postgresql-tcl-7.4.2-57056U10_1cl.i386.rpm

Conectiva 10

ftp://atualizacoes.conectiva.com.br/10/RPMS/postgresql-tcl-7.4.2-57056 U10_1cl.i386.rpm

Conectiva postgresql-test-7.4.2-57056U10_1cl.i386.rpm

Conectiva 10

ftp://atualizacoes.conectiva.com.br/10/RPMS/postgresql-test-7.4.2-5705 6U10_1cl.i386.rpm

Netpbm Netpbm 10.0

Debian libnetpbm10-dev_10.0-8sarge3_alpha.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_alpha.deb

Debian libnetpbm10-dev_10.0-8sarge3_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_amd64.deb

Debian libnetpbm10-dev_10.0-8sarge3_arm.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_arm.deb

Debian libnetpbm10-dev_10.0-8sarge3_hppa.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_hppa.deb

Debian libnetpbm10-dev_10.0-8sarge3_i386.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_i386.deb

Debian libnetpbm10-dev_10.0-8sarge3_ia64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_ia64.deb

Debian libnetpbm10-dev_10.0-8sarge3_m68k.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_m68k.deb

Debian libnetpbm10-dev_10.0-8sarge3_mips.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_mips.deb

Debian libnetpbm10-dev_10.0-8sarge3_mipsel.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_mipsel.deb

Debian libnetpbm10-dev_10.0-8sarge3_powerpc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_powerpc.deb

Debian libnetpbm10-dev_10.0-8sarge3_s390.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_s390.deb

Debian libnetpbm10-dev_10.0-8sarge3_sparc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 -dev_10.0-8sarge3_sparc.deb

Debian libnetpbm10_10.0-8sarge3_alpha.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 _10.0-8sarge3_alpha.deb

Debian libnetpbm10_10.0-8sarge3_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 _10.0-8sarge3_amd64.deb

Debian libnetpbm10_10.0-8sarge3_arm.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 _10.0-8sarge3_arm.deb

Debian libnetpbm10_10.0-8sarge3_hppa.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10 _10.0-8sarge3_hppa.deb

Debian libnetpbm10_10.0-8sarge3_i386.deb

D

参考网址

来源: XF

名称: netpbm-dsafer-command-execution(21500)

链接:http://xforce.iss.net/xforce/xfdb/21500

来源: TRUSTIX

名称: 2005-0038

链接:http://www.trustix.org/errata/2005/0038/

来源: BID

名称: 14379

链接:http://www.securityfocus.com/bid/14379

来源: REDHAT

名称: RHSA-2005:743

链接:http://www.redhat.com/support/errata/RHSA-2005-743.HTML

来源: OSVDB

名称: 18253

链接:http://www.osvdb.org/18253

来源: SUSE

名称: SUSE-SR:2005:019

链接:http://www.novell.com/linux/security/advisories/2005_19_sr.HTML

来源: DEBIAN

名称: DSA-1021

链接:http://www.debian.org/security/2006/dsa-1021

来源: SECTRACK

名称: 1014752

链接:http://securitytracker.com/id?1014752

来源: SECUNIA

名称: 19436

链接:http://secunia.com/advisories/19436

来源: SECUNIA

名称: 18330

链接:http://secunia.com/advisories/18330

来源: SECUNIA

名称: 16184

链接:http://secunia.com/advisories/16184

来源: MISC

链接:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757

受影响实体

• Netpbm Netpbm:2.10.0.8  

补丁

暂无