National Vulnerability Database (NVD) National Vulnerability Database (CVE-2008-0411)

National Cyber Awareness System

Vulnerability Summary for CVE-2008-0411

Original release date:02/28/2008

Last revised:03/08/2011

Source: US-CERT/NIST

Overview

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:6.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: DEBIAN

Name: DSA-1510

Type: Patch Information

Hyperlink:http://www.debian.org/security/2008/dsa-1510

External Source: FEDORA

Name: FEDORA-2008-1998

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html

External Source: CONFIRM

Name: https://issues.rpath.com/browse/RPL-2217

Hyperlink:https://issues.rpath.com/browse/RPL-2217

External Source: VUPEN

Name: ADV-2008-0693

Hyperlink:http://www.vupen.com/english/advisories/2008/0693/references

External Source: UBUNTU

Name: USN-599-1

Hyperlink:http://www.ubuntu.com/usn/usn-599-1

External Source: SECTRACK

Name: 1019511

Hyperlink:http://www.securitytracker.com/id?1019511

External Source: BID

Name: 28017

Hyperlink:http://www.securityfocus.com/bid/28017

External Source: BUGTRAQ

Name: 20080228 Ghostscript buffer overflow

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/488946/100/0/threaded

External Source: BUGTRAQ

Name: 20080228 rPSA-2008-0082-1 espgs

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/488932/100/0/threaded

External Source: REDHAT

Name: RHSA-2008:0155

Hyperlink:http://www.redhat.com/support/errata/RHSA-2008-0155.html

External Source: MANDRIVA

Name: MDVSA-2008:055

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2008:055

External Source: GENTOO

Name: GLSA-200803-14

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml

External Source: CONFIRM

Name: http://wiki.rpath.com/Advisories:rPSA-2008-0082

Hyperlink:http://wiki.rpath.com/Advisories:rPSA-2008-0082

External Source: SLACKWARE

Name: SSA:2008-062-01

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370633

External Source: SECUNIA

Name: 29768

Hyperlink:http://secunia.com/advisories/29768

External Source: SECUNIA

Name: 29314

Hyperlink:http://secunia.com/advisories/29314

External Source: SECUNIA

Name: 29196

Hyperlink:http://secunia.com/advisories/29196

External Source: SECUNIA

Name: 29169

Hyperlink:http://secunia.com/advisories/29169

External Source: SECUNIA

Name: 29154

Hyperlink:http://secunia.com/advisories/29154

External Source: SECUNIA

Name: 29147

Hyperlink:http://secunia.com/advisories/29147

External Source: SECUNIA

Name: 29135

Hyperlink:http://secunia.com/advisories/29135

External Source: SECUNIA

Name: 29112

Hyperlink:http://secunia.com/advisories/29112

External Source: SECUNIA

Name: 29103

Hyperlink:http://secunia.com/advisories/29103

External Source: SECUNIA

Name: 29101

Hyperlink:http://secunia.com/advisories/29101

External Source: MISC

Name: http://scary.beasts.org/security/CESA-2008-001.html

Hyperlink:http://scary.beasts.org/security/CESA-2008-001.html

External Source: OVAL

Name: oval:org.mitre.oval:def:9557

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9557

External Source: SUSE

Name: SUSE-SA:2008:010

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html

References to Check Content

Identifier:oval:org.mitre.oval:def:9557

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9557

Vulnerable software and versions

Configuration 1

AND

cpe:/o:debian:debian_linux:3.1

cpe:/o:debian:debian_linux:3.1::alpha

cpe:/o:debian:debian_linux:3.1::amd64

cpe:/o:debian:debian_linux:3.1::arm

cpe:/o:debian:debian_linux:3.1::hppa

cpe:/o:debian:debian_linux:3.1::ia-32

cpe:/o:debian:debian_linux:3.1::ia-64

cpe:/o:debian:debian_linux:3.1::m68k

cpe:/o:debian:debian_linux:3.1::mips

cpe:/o:debian:debian_linux:3.1::mipsel

cpe:/o:debian:debian_linux:3.1::ppc

cpe:/o:debian:debian_linux:3.1::s-390

cpe:/o:debian:debian_linux:3.1::sparc

cpe:/o:debian:debian_linux:4.0

cpe:/o:debian:debian_linux:4.0::alpha

cpe:/o:debian:debian_linux:4.0::amd64

cpe:/o:debian:debian_linux:4.0::arm

cpe:/o:debian:debian_linux:4.0::hppa

cpe:/o:debian:debian_linux:4.0::ia-32

cpe:/o:debian:debian_linux:4.0::ia-64

cpe:/o:debian:debian_linux:4.0::m68k

cpe:/o:debian:debian_linux:4.0::mips

cpe:/o:debian:debian_linux:4.0::mipsel

cpe:/o:debian:debian_linux:4.0::powerpc

cpe:/o:debian:debian_linux:4.0::s-390

cpe:/o:debian:debian_linux:4.0::sparc

cpe:/o:mandrakesoft:mandrake_linux:2007

cpe:/o:mandrakesoft:mandrake_linux:2007.0_x86_64

cpe:/o:mandrakesoft:mandrake_linux:2007.1

cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64

cpe:/o:mandrakesoft:mandrake_linux:2008.0

cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64

cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0

cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0

cpe:/o:mandrakesoft:mandrakesoft_corporate_server:3.0_x86_64

cpe:/o:mandrakesoft:mandrakesoft_corporate_server:4.0_x86_64

cpe:/o:redhat:desktop:3.0

cpe:/o:redhat:desktop:4.0

cpe:/o:redhat:enterprise_linux:5::server

cpe:/o:redhat:enterprise_linux:as_3

cpe:/o:redhat:enterprise_linux:as_4

cpe:/o:redhat:enterprise_linux:es_3

cpe:/o:redhat:enterprise_linux:es_4

cpe:/o:redhat:enterprise_linux:ws_3

cpe:/o:redhat:enterprise_linux:ws_4

cpe:/o:redhat:enterprise_linux_desktop:5::client

cpe:/o:redhat:enterprise_linux_desktop_workstation:5::client

cpe:/o:rpath:rpath_linux:1

cpe:/o:suse:novell_linux_pos:9

cpe:/o:suse:open_suse:10.2

cpe:/o:suse:open_suse:10.3

cpe:/o:suse:suse_linux:10.1::ppc

cpe:/o:suse:suse_linux:10.1::x86

cpe:/o:suse:suse_linux:10.1::x86_64

cpe:/o:suse:suse_linux:10:sp1:enterprise_desktop

cpe:/o:suse:suse_linux:10:sp1:enterprise_server

cpe:/o:suse:suse_linux:9.0::enterprise_server

cpe:/o:suse:suse_open_enterprise_server:0

* cpe:/a:ghostscript:ghostscript:8.61 and previous versions

Configuration 2

AND

cpe:/o:debian:debian_linux:3.1

cpe:/o:debian:debian_linux:3.1::alpha

cpe:/o:debian:debian_linux:3.1::amd64

cpe:/o:debian:debian_linux:3.1::arm

cpe:/o:debian:debian_linux:3.1::hppa

cpe:/o:debian:debian_linux:3.1::ia-32

cpe:/o:debian:debian_linux:3.1::ia-64

cpe:/o:debian:debian_linux:3.1::m68k

cpe:/o:debian:debian_linux:3.1::mips

cpe:/o:debian:debian_linux:3.1::mipsel

cpe:/o:debian:debian_linux:3.1::ppc

cpe:/o:debian:debian_linux:3.1::s-390

cpe:/o:debian:debian_linux:3.1::sparc

cpe:/o:debian:debian_linux:4.0

cpe:/o:debian:debian_linux:4.0::alpha

cpe:/o:debian:debian_linux:4.0::amd64

cpe:/o:debian:debian_linux:4.0::arm

cpe:/o:debian:debian_linux:4.0::hppa

cpe:/o:debian:debian_linux:4.0::ia-32

cpe:/o:debian:debian_linux:4.0::ia-64

cpe:/o:debian:debian_linux:4.0::m68k

cpe:/o:debian:debian_linux:4.0::mips

cpe:/o:debian:debian_linux:4.0::mipsel

cpe:/o:debian:debian_linux:4.0::powerpc

cpe:/o:debian:debian_linux:4.0::s-390

cpe:/o:debian:debian_linux:4.0::sparc

* cpe:/a:ghostscript:ghostscript:0

* cpe:/a:ghostscript:ghostscript:8.0.1

* cpe:/a:ghostscript:ghostscript:8.15

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Buffer Errors (CWE-119)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411