A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - ghostscript: Attempting to open a carefully crafted PDF file results in long-running computation (699856)     (CVE-2018-19478)

  - ghostscript: heap buffer over write vulnerability in GhostScript's lp8000_print_page() in gdevlp8k.c     (CVE-2020-27792)

  - An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through     10.02.0 allows remote attackers to crash the application via a dangling pointer. (CVE-2023-46751)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

According to the versions of the ghostscript packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the     gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering     the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the     gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering     the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of ghostscript installed on the remote host is prior to 8.70-24.27. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1725 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ghostscript installed on the remote host is prior to 9.25-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1947 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5643-1 advisory.

    It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system     were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause     GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue     only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27792)

    It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system     were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause     GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue     only affected Ubuntu 22.04 LTS. (CVE-2022-2085)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5618-1 advisory.

    It was discovered the Ghostscript incorrectly handled memory when processing certain inputs. By tricking a     user into opening a specially crafted PDF file, an attacker could cause the program to crash.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3096 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
198865	RHEL 8 : ghostscript (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
178874	EulerOS Virtualization 3.0.6.6 : ghostscript (EulerOS-SA-2023-2423)	Nessus	Huawei Local Security Checks	high
177074	EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2023-2144)	Nessus	Huawei Local Security Checks	high
173933	Amazon Linux AMI : ghostscript (ALAS-2023-1725)	Nessus	Amazon Linux Local Security Checks	high
171813	Amazon Linux 2 : ghostscript (ALAS-2023-1947)	Nessus	Amazon Linux Local Security Checks	high
165504	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Ghostscript vulnerabilities (USN-5643-1)	Nessus	Ubuntu Local Security Checks	high
165278	Ubuntu 16.04 ESM : Ghostscript vulnerability (USN-5618-1)	Nessus	Ubuntu Local Security Checks	high
164676	Debian DLA-3096-1 : ghostscript - LTS security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2020-27792

high

Tenable Plugins

high

high

high

high

high

high

high

high