The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux | Redhat | 6.2 (including) | 6.2 (including) |
| Linux | Redhat | 7.0 (including) | 7.0 (including) |
| Linux | Redhat | 7.1 (including) | 7.1 (including) |
| Red Hat Linux 5.2 | RedHat | * | |
| Red Hat Linux 6.2 | RedHat | * | |
| Red Hat Linux 7.0 | RedHat | * | |
| Red Hat Linux 7.0j | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * |
References
- http://marc.info/?l=bugtraq\u0026m=99892644616749\u0026w=2
- http://www.redhat.com/support/errata/RHSA-2001-102.html
- http://www.securityfocus.com/bid/3241
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16509
- http://marc.info/?l=bugtraq\u0026m=99892644616749\u0026w=2
- http://www.redhat.com/support/errata/RHSA-2001-102.html
- http://www.securityfocus.com/bid/3241
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16509