361 matches found
Debian DSA-599-1 : tetex-bin - integer overflows
Chris Evans discovered several integer overflows in xpdf that are also present in tetex-bin, binary files for the teTeX distribution, which can be exploited remotely by a specially crafted PDF document and lead to the execution of arbitrary code.
[SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution
Debian Security Advisory DSA 599-1 [email protected] http://www.debian.org/security/ Martin Schulze November 25th, 2004 http://www.debian.org/security/faq ...
DSA-599-1 tetex-bin - integer overflows
Bulletin has no description...
USN-9-1: tetex-bin vulnerabilities
Chris Evans and Marcus Meissner recently discovered several integer overflow vulnerabilities in xpdf, a viewer for PDF files. Because tetex-bin contains xpdf code, it is also affected. These vulnerabilities could be exploited by an attacker providing a specially crafted TeX, LaTeX, or PDF file...
Debian DSA-207-1 : tetex-bin - arbitrary command execution
The SuSE security team discovered a vulnerability in the kpathsea library (libkpathsea), which is used by xdvi and dvips. Both programs call the system function insecurely, which allows a remote attacker to execute arbitrary commands via cleverly crafted DVI files. If dvips is used in a print filter, th...
CVE-2002-0836
The CVE-2002-0836 issue affects the tetex family (notably dvips in tetex-bin) where the kpathsea/library code calls system() insecurely. This enables remote command execution via crafted DVI/print jobs, potentially involving fonts. See related advisories (Debian DSA-207-1, RHSA-2002:195, etc.) de...
Mandrake Linux Security Advisory : tetex (MDKSA-2001:086)
A problem was discovered in the temporary file handling capabilities of some teTeX filters by zen-parse. These filters are used as print filters automatically when printing .dvi files using lpr. This can lead to elevated privileges. This update relies on the updated mktemp packages for 7.x in...
RHEL 2.1 : tetex (RHSA-2002:195)
Updated packages for dvips are available which fix a vulnerability allowing print users to execute arbitrary commands. Updated 13 Aug 2003: Added tetex-doc package that was originally left out of the errata. The dvips utility converts DVI format into PostScript(TM), and is used in Red Hat Linux as a...
[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution
Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq ...
CVE-2001-0906
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr...
CVE-2001-0906
CVE-2001-0906 affects the teTeX filter before 1.0.7. Local users can gain privileges via a symlink attack on temporary files created when printing .dvi files with lpr. Root cause: insecure temporary file handling. Affected advisories reference the need for updated mktemp-based handling; Mandrake ...
LPRng/rhs-printfilters - remote execution of commands
posted to vendor security ppl, no reply, no patch, so posting here. --begin forwarded message-- RedHat 7.0 possibly others If the lpd is listening on 0.0.0.0 and no access controls are in place, it is possible to execute commands as the lp user, assuming tetex-dvips is installed. From man dvips...
RedHat 6.2/7.0/7.1 Lpd - Remote Command Execution via DVI Printfilter Configuration Error
source: https://www.securityfocus.com/bid/3241/info 'dvips' is a utility that converts DVI documents to PostScript. It is an optional component of the TeTeX text formatting package. When installed on a system where LPRng and TeTeX are in use, 'dvips' will be invoked by 'lpd' when a DVI document i...
teTeX 1.0.7 - Filters Temporary File Race Condition
source: https://www.securityfocus.com/bid/2974/info teTeX is a TeX distribution for UNIX compatible systems. A race condition vulnerability exists in the temporary file handling method used by some teTeX filters. The problem exists because in...
LPRng + tetex tmpfile race - uid lp exploit
If the tetex package and LPRng are installed, there is an exploitable race condition with a tmp file that allows elevation of privs. It's fixed in rawhide, but that doesn't really help people who just use the provided up2date program to keep themselves secure. / Redhat 7.0 LPRng-3.7.4-23 and...
Symbolic link problem in LPRng + TeTeX (symbolic link)
The symbolic link problem makes it possible to obtain euid/egid lp...