Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps N-Z :: a6153.htm

ps2epsi insecure temporary file creation



16th Apr 2003 [SBWID-6153]
COMMAND

	ps2epsi insecure temporary file creation

SYSTEMS AFFECTED

	version 0.3.3.0

PROBLEM

	Paul Szabo discovered insecure creation of a temporary file in  ps2epsi,
	a script that is most of the  time  distributed  as  part  of  gs-common
	which contains common files for different Ghostscript releases.  ps2epsi
	uses a temporary file in the process of invoking ghostscript. This  file
	was created in an insecure fashion, which could allow a  local  attacker
	to overwrite files owned by a user who invokes ps2epsi.

SOLUTION

	Upgrade.
	
	under debian, upgrade gs-common package.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH