Lucene search
K

361 matches found

Tenable Nessus
Tenable Nessus
added 2004/11/26 12:0 a.m.21 views

Debian DSA-599-1 : tetex-bin - integer overflows

Chris Evans discovered several integer overflows in xpdf, that are also present in tetex-bin, binary files for the teTeX distribution, which can be exploited remotely by a specially crafted PDF document and lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security,...

10CVSS5.8AI score0.09334EPSS
Exploits0References3
Debian
Debian
added 2004/11/25 2:48 p.m.32 views

[SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 599-1 [email protected] http://www.debian.org/security/ Martin Schulze November 25th, 2004 http://www.debian.org/security/faq -...

10CVSS0.5AI score0.09334EPSS
Exploits0
Debian
Debian
added 2004/11/25 2:48 p.m.48 views

[SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 599-1 [email protected] http://www.debian.org/security/ Martin Schulze November 25th, 2004 http://www.debian.org/security/faq -...

10CVSS6.8AI score0.09334EPSS
Exploits0
OSV
OSV
added 2004/11/25 12:0 a.m.34 views

DSA-599-1 tetex-bin - integer overflows

Bulletin has no description...

10CVSS6.3AI score0.09334EPSS
Exploits0
Ubuntu
Ubuntu
added 2004/10/28 3:8 p.m.72 views

USN-9-1: tetex-bin vulnerabilities

Chris Evans and Marcus Meissner recently discovered several integer overflow vulnerabilities in xpdf, a viewer for PDF files. Because tetex-bin contains xpdf code, it is also affected. These vulnerabilities could be exploited by an attacker providing a specially crafted TeX, LaTeX, or PDF file...

10CVSS5.6AI score0.09334EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.25 views

Debian DSA-207-1 : tetex-bin - arbitrary command execution

The SuSE security team discovered a vulnerability in kpathsea library libkpathsea which is used by xdvi and dvips. Both programs call the system function insecurely, which allows a remote attacker to execute arbitrary commands via cleverly crafted DVI files. If dvips is used in a print filter, th...

7.5CVSS6AI score0.07953EPSS
Exploits0References2
CVE
CVE
added 2004/09/01 4:0 a.m.70 views

CVE-2002-0836

The CVE-2002-0836 issue affects the tetex family (notably dvips in tetex-bin) where the kpathsea/library code calls system() insecurely. This enables remote command execution via crafted DVI/print jobs, potentially involving fonts. See related advisories (Debian DSA-207-1, RHSA-2002:195, etc.) de...

7.5CVSS7.4AI score0.07953EPSS
Exploits0References11Affected Software3
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.19 views

Mandrake Linux Security Advisory : tetex (MDKSA-2001:086)

A problem was discovered in the temporary file handling capabilities of some teTeX filters by zen-parse. These filters are used as print filters automatically when printing .dvi files using lpr. This can lead to elevated privileges. This update relies on the updated mktemp packages for 7.x in...

6.2CVSS5.5AI score0.00945EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.28 views

RHEL 2.1 : tetex (RHSA-2002:195)

Updated packages for dvips are available which fix a vulnerability allowing print users to execute arbitrary commands. Updated 13 Aug 2003 Added tetex-doc package that was originally left out of the errata. The dvips utility converts DVI format into PostScriptTM, and is used in Red Hat Linux as a...

7.5CVSS6AI score0.07953EPSS
Exploits0References3
Debian
Debian
added 2002/12/11 4:37 p.m.21 views

[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq -...

7.5CVSS0.9AI score0.07953EPSS
Exploits0
Debian
Debian
added 2002/12/11 4:37 p.m.23 views

[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq -...

7.5CVSS7.2AI score0.07953EPSS
Exploits0
securityvulns
securityvulns
added 2002/12/11 12:0 a.m.44 views

[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.07953EPSS
Exploits0
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.12 views

CVE-2001-0906

teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr...

6.5AI score0.00945EPSS
Exploits1References6
CVE
CVE
added 2002/06/25 4:0 a.m.59 views

CVE-2001-0906

CVE-2001-0906 affects the teTeX filter before 1.0.7. Local users can gain privileges via a symlink attack on temporary files created when printing .dvi files with lpr. Root cause: insecure temporary file handling. Affected advisories reference the need for updated mktemp-based handling; Mandrake ...

6.2CVSS6.6AI score0.00945EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2001/08/28 12:0 a.m.30 views

LPRng/rhs-printfilters - remote execution of commands

posted to vendor security ppl, no reply, no patch, so posting here. --begin forwarded message-- RedHat 7.0 possibly others If the lpd is listening on 0.0.0.0 and no access controls are in place, it is possible to execute commands as the lp user, assuming tetex-dvips is installed. From man dvips...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2001/08/27 12:0 a.m.42 views

RedHat 6.2/7.0/7.1 Lpd - Remote Command Execution via DVI Printfilter Configuration Error

source: https://www.securityfocus.com/bid/3241/info 'dvips' is a utility that converts DVI documents to PostScript. It is an optional component of the TeTeX text formatting package. When installed on a system where LPRnG and TeTeX are in use, 'dvips' will be invoked by 'lpd' when a DVI document i...

7.4AI score
Exploits0
NVD
NVD
added 2001/06/22 4:0 a.m.9 views

CVE-2001-0906

teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr...

6.2CVSS6.5AI score0.00945EPSS
Exploits1References6
exploitpack
exploitpack
added 2001/06/22 12:0 a.m.17 views

teTeX 1.0.7 - Filters Temporary File Race Condition

teTeX 1.0.7 - Filters Temporary File Race Condition / source: https://www.securityfocus.com/bid/2974/info teTeX is a TeX distribution for UNIX compatible systems. A race condition vulnerability exists in the temporary file handling method used by some teTeX filters. The problem exists because in...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/06/22 12:0 a.m.35 views

LPRng + tetex tmpfile race - uid lp exploit

If the tetex package and LPRng are installed, there is an exploitable race condition with a tmp file that allows elevation of privs. It's fixed in rawhide, but that doesn't really help people who just use the provided up2date program to keep themselves secure. / Redhat 7.0 LPRng-3.7.4-23 and...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2001/06/22 12:0 a.m.51 views

Проблема символьных линков в LPRng + TeTeX (symbolic link)

Проблема символьных лдинков дает возможность получить euid/egid lp...

0.6AI score
Exploits0References1Affected Software2
Rows per page
Query Builder