CVE-2002-0836

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2002-0836
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.redhat.com/support/errata/RHSA-2002-194.html Patch Vendor Advisory
http://www.securityfocus.com/bid/5978 Patch Vendor Advisory
http://www.debian.org/security/2002/dsa-207 Patch Vendor Advisory
http://www.iss.net/security_center/static/10365.php Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2002-195.html
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537
http://www.securityfocus.com/advisories/4567
http://www.kb.cert.org/vuls/id/169841 US Government Resource
http://marc.info/?l=bugtraq&m=103497852330838&w=2
http://marc.info/?l=bugtraq&m=104005975415582&w=2
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
Information

Published : 2002-10-27 21:00

Updated : 2016-10-17 19:22

NVD link : CVE-2002-0836

Mitre link : CVE-2002-0836

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

mandrakesoft

  • mandrake_linux

redhat

  • linux

hp

  • secure_os