CVE-2002-0836
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
| Software | From | Fixed in |
|---|---|---|
| redhat / linux | 7.2 | 7.2.x |
| mandrakesoft / mandrake_linux | 7.2 | 7.2.x |
| mandrakesoft / mandrake_linux | 8.2 | 8.2.x |
| redhat / linux | 7.0 | 7.0.x |
| redhat / linux | 6.2 | 6.2.x |
| mandrakesoft / mandrake_linux | 8.1 | 8.1.x |
| redhat / linux | 8.0 | 8.0.x |
| redhat / linux | 7.1 | 7.1.x |
| redhat / linux | 7.3 | 7.3.x |
| hp / secure_os | 1.0 | 1.0.x |
| mandrakesoft / mandrake_linux | 9.0 | 9.0.x |
| mandrakesoft / mandrake_linux | 8.0 | 8.0.x |
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537
- http://marc.info/?l=bugtraq&m=103497852330838&w=2
- http://marc.info/?l=bugtraq&m=104005975415582&w=2
- http://www.debian.org/security/2002/dsa-207
- http://www.iss.net/security_center/static/10365.php
- http://www.kb.cert.org/vuls/id/169841
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php
- http://www.redhat.com/support/errata/RHSA-2002-194.html
- http://www.redhat.com/support/errata/RHSA-2002-195.html
- http://www.securityfocus.com/advisories/4567
- http://www.securityfocus.com/bid/5978
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime