Bug 33807 (CVE-2002-0836)

Summary: VUL-0: CVE-2002-0836: Security issues in dvips/xdvi
Product: [Novell Products] SUSE Security Incidents Reporter: Olaf Kirch <okir>
Component: IncidentsAssignee: Roman Drahtmueller <draht>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P3 - Medium CC: security-team, werner
Version: unspecified   
Target Milestone: ---   
Hardware: i386   
OS: Linux   
Whiteboard: CVE-2002-0836: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: proposed patch

Description Olaf Kirch 2002-09-03 18:11:40 UTC 
dvips and xdvi do not properly check for funny font names in dvi files.
This can be exploited by putting font names including ";/bin/rm -rf ~" etcinto
the DVI file.

In particular, this bug can probably be exploited to gain privileges of
uid "lp" by submitting a DVI file to the print system and have it 
auto-converted to PostScript.

patch attached; will test it
Comment 1 Olaf Kirch 2002-09-03 18:12:30 UTC 
Created attachment 10340 [details]
proposed patch
Comment 2 Olaf Kirch 2002-09-03 19:15:52 UTC 
Submitted fixed package
Comment 3 Marcus Meissner 2007-03-24 15:48:39 UTC 
CVE-2002-0836
Comment 4 Thomas Biege 2009-10-13 19:32:52 UTC 
CVE-2002-0836: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)