PT-2001-1069 · Tetex+1 · Tetex-Doc+9
Published: 2001-08-22 · Updated: 2017-10-10 · CVE-2001-1002
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Red Hat Linux versions 7.0 and earlier
tetex-doc versions 1.0.6 through 1.0.7
tetex-fonts versions 1.0.6 through 1.0.7
tetex-afm versions 1.0.6 through 1.0.7
tetex-dvips versions 1.0.6 through 1.0.7
tetex-xdvi versions 1.0.6 through 1.0.7
tetex-latex versions 1.0.6 through 1.0.7
tetex-dvilj versions 1.0.6 through 1.0.7
tetex versions 1.0.6 through 1.0.7
Description
The issue affects the default configuration of the DVI print filter (dvips) in Red Hat Linux, which does not run dvips in secure mode when executed by lpd. This could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands. The vulnerability can be exploited remotely and may lead to a violation of confidentiality, integrity, and availability of protected information.
Recommendations
For Red Hat Linux version 7.0 and earlier, consider updating the configuration to run dvips in secure mode.
For the tetex, tetex-doc, tetex-fonts, tetex-afm, tetex-dvips, tetex-xdvi, tetex-latex, and tetex-dvilj packages, versions 1.0.6 through 1.0.7, there is no information about a newer version that contains a fix for this vulnerability.
Related Identifiers
Affected Products
Red Hat
Dvips
Tetex
Tetex-Afm
Tetex-Doc
Tetex-Dvilj
Tetex-Dvips
Tetex-Fonts
Tetex-Latex
Tetex-Xdvi