dvips执行任意命令漏洞-一一网

dvips执行任意命令漏洞

4年前更新

1240

漏洞信息详情

dvips执行任意命令漏洞

CNNVD编号：CNNVD-200210-313

危害等级：高危
CVE编号：
CVE-2002-0836
漏洞类型：

访问验证错误
发布时间：

2002-10-28
威胁类型：

远程
更新时间：

2005-05-13
厂商：

redhat
漏洞来源：
Discovery credited…

漏洞简介

用于tetex包的Postscript文件中dvips转换器不安全调用system()函数。远程攻击者可以借助某些打印工作执行任意命令，其中可能包含打印字体。

漏洞公告

Red Hat has released RHSA-2002:195-10, which includes fixes to address this issue for Enterprise customers. Further details regarding obtaining and applying fixes are available in the referenced advisory.
RedHat has released RHSA-2002:194-18, which includes fixes. Further details are available in the advisory.
HP has released an advisory for HP Secure OS Software fo Linux. Users are adviced to upgrade using the fixes supplied in the RedHat advisory.
Mandrake has released MDKSA-2002:070, which includes fixes. Further details are available in the advisory.
Conectiva Linux has released a security advisory containing fixes. Further details are available in the advisory.
OpenPKG has released OpenPKG-SA-2002.015, which contains fix information. Further details about obtaining fixes are available in the referenced advisory.
Fixes:
teTeX teTeX 1.0.6

Debian libkpathsea-dev_1.0.7+20011202-7.1_alpha.debDebian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-d
ev_1.0.7+20011202-7.1_alpha.deb
Debian libkpathsea3_1.0.7+20011202-7.1_alpha.debDebian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_
1.0.7+20011202-7.1_alpha.deb
Debian libkpathsea3_1.0.7+20011202-7.1_arm.debDebian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_
1.0.7+20011202-7.1_arm.deb
Debian tetex-bin_1.0.6-7.3_alpha.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0
.6-7.3_alpha.deb
Debian tetex-bin_1.0.6-7.3_arm.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0
.6-7.3_arm.deb
Debian tetex-bin_1.0.6-7.3_i386.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0
.6-7.3_i386.deb
Debian tetex-bin_1.0.6-7.3_m68k.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0
.6-7.3_m68k.deb
Debian tetex-bin_1.0.6-7.3_powerpc.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0
.6-7.3_powerpc.deb
Debian tetex-bin_1.0.6-7.3_sparc.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0
.6-7.3_sparc.deb
Debian tetex-bin_1.0.7+20011202-7.1_alpha.debDebian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_1.0
.7+20011202-7.1_alpha.deb
Debian tetex-dev_1.0.6-7.3_alpha.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-dev_1.0
.6-7.3_alpha.deb
Debian tetex-dev_1.0.6-7.3_arm.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-dev_1.0
.6-7.3_arm.deb
Debian tetex-dev_1.0.6-7.3_i386.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-dev_1.0
.6-7.3_i386.deb
Debian tetex-dev_1.0.6-7.3_m68k.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-dev_1.0
.6-7.3_m68k.deb
Debian tetex-dev_1.0.6-7.3_powerpc.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-dev_1.0
.6-7.3_powerpc.deb
Debian tetex-dev_1.0.6-7.3_sparc.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-dev_1.0
.6-7.3_sparc.deb
Debian tetex-lib_1.0.6-7.3_alpha.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-lib_1.0
.6-7.3_alpha.deb
Debian tetex-lib_1.0.6-7.3_arm.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-lib_1.0
.6-7.3_arm.deb
Debian tetex-lib_1.0.6-7.3_i386.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-lib_1.0
.6-7.3_i386.deb
Debian tetex-lib_1.0.6-7.3_m68k.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-lib_1.0
.6-7.3_m68k.deb
Debian tetex-lib_1.0.6-7.3_powerpc.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-lib_1.0
.6-7.3_powerpc.deb
Debian tetex-lib_1.0.6-7.3_sparc.debDebian GNU/Linux 2.2 alias potato.

http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-lib_1.0
.6-7.3_sparc.deb

teTeX teTeX 1.0.7

受影响实体

Redhat Linux:8.0
Redhat Linux:8.0:I386
Redhat Linux:7.3
Redhat Linux:7.3:I386
Redhat Linux:7.2:Ia64

© 版权声明

文章版权归作者所有，未经允许请勿转载。

THE END

喜欢就支持一下吧

相关推荐