Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1002

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1002
Last Modified 05 Sep 2008 04:25:26
Published 31 Aug 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1002

Summary

The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.

Vulnerable Systems

Operating System

  • Redhat Linux 6.2

  • Redhat Linux 7.0

  • Redhat Linux 7.1


References

BID - 3241

REDHAT - RHSA-2001:102

BUGTRAQ - 20010827 LPRng/rhs-printfilters - remote execution of commands

XF - dvips-lpd-command-execution(16509)


Last Updated: 27 May 2016 10:36:28