Bug 33807 (CVE-2002-0836) - VUL-0: CVE-2002-0836: Security issues in dvips/xdvi
Summary: VUL-0: CVE-2002-0836: Security issues in dvips/xdvi
Status: RESOLVED FIXED
Alias: CVE-2002-0836
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: i386 Linux
Importance: P3 - Medium (priority), Major (severity)
Target Milestone: ---
Assignee: Roman Drahtmueller
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2002-0836: CVSS v2 Base Score: 7....
Keywords:
Depends on:
Blocks:
 
Reported: 2002-09-03 18:11 UTC by Olaf Kirch
Modified: 2021-09-28 07:54 UTC

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
proposed patch (1.61 KB, patch), 2002-09-03 18:12 UTC, Olaf Kirch

Description Olaf Kirch 2002-09-03 18:11:40 UTC
dvips and xdvi do not properly check for funny font names in DVI files.
This can be exploited by putting font names including ";/bin/rm -rf ~" etc. into
the DVI file.

In particular, this bug can probably be exploited to gain the privileges of
uid "lp" by submitting a DVI file to the print system and having it
auto-converted to PostScript.

patch attached; will test it
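The bug class the description refers to, as an added illustration that is neither dvips/xdvi source nor the attached patch: a font name read from an untrusted DVI file is pasted into a command line for the mktexpk font-generation helper and handed to the shell, so a name such as "cmr10;/bin/rm -rf ~" becomes two commands. The hardened variant beside it allowlists the characters a font name may contain and starts the helper with fork()/execvp() and an explicit argv, so no shell ever parses the name. The mktexpk argument layout, the 255-byte length cap and the allowlist itself are assumptions made for the demonstration.

```c
/*
 * Added illustration, not dvips/xdvi code and not the attached patch.
 * Shows the bug class from the description: a font name read from an
 * untrusted DVI file reaches /bin/sh via system(), versus a hardened
 * variant. The mktexpk argument layout and the allowlist are assumptions.
 */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Vulnerable pattern: the font name is interpolated into a command line
 * that would be passed to system() and therefore parsed by the shell.
 * This helper only builds the string (in a static buffer) so the effect can
 * be inspected without executing anything; returns NULL on truncation.
 */
const char *build_shell_command_unsafe(const char *font, unsigned dpi)
{
    static char cmd[512];
    int n = snprintf(cmd, sizeof cmd, "mktexpk --dpi %u %s", dpi, font);
    if (n < 0 || (size_t)n >= sizeof cmd)
        return NULL;
    return cmd;   /* e.g. "mktexpk --dpi 600 cmr10;/bin/rm -rf ~" */
}

/*
 * Allowlist for font names (assumed set: letters, digits, '-', '_', '.', '+').
 * Every shell metacharacter (; | & ` $ ( ) < > space, quotes, newline) lies
 * outside the set, as does '/', so the name can neither break out of the
 * command nor name a path; ".." is refused separately.
 */
int font_name_is_safe(const char *font)
{
    size_t len = strlen(font);
    if (len == 0 || len > 255)
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)font[i];
        if (!isalnum(c) && c != '-' && c != '_' && c != '.' && c != '+')
            return 0;
    }
    return strstr(font, "..") == NULL;
}

/*
 * Hardened form: reject anything outside the allowlist, then start the
 * helper with fork()/execvp() and an explicit argv, so no shell sees the
 * name even if the allowlist were later loosened. Returns -1 if the name is
 * rejected or the child cannot be started, otherwise the helper's exit status.
 */
int run_mktexpk_safe(const char *font, unsigned dpi)
{
    char dpistr[16];

    if (!font_name_is_safe(font))
        return -1;                      /* refused before any process is spawned */

    snprintf(dpistr, sizeof dpistr, "%u", dpi);
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *const argv[] = { "mktexpk", "--dpi", dpistr, (char *)font, NULL };
        execvp(argv[0], argv);
        _exit(127);                     /* exec failed: never fall back to a shell */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed hostile font name of the kind the description mentions. */
    const char *hostile = "cmr10;/bin/rm -rf ~";
    const char *benign  = "cmr10";

    printf("unsafe command line: %s\n", build_shell_command_unsafe(hostile, 600));
    printf("allowlist: %s -> %d, \"%s\" -> %d\n",
           benign, font_name_is_safe(benign), hostile, font_name_is_safe(hostile));
    printf("run_mktexpk_safe(hostile) = %d (rejected, nothing executed)\n",
           run_mktexpk_safe(hostile, 600));
    return 0;
}
```

The allowlist is the check that matters in the print-spooler scenario above: a converter running as "lp" that builds the command line with the unsafe helper runs whatever follows the ';' with lp's privileges, while the hardened path refuses the name before fork() and would pass even a permitted name as a single argv element rather than through the shell.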
Comment 1 Olaf Kirch 2002-09-03 18:12:30 UTC
Created attachment 10340
proposed patch
Comment 2 Olaf Kirch 2002-09-03 19:15:52 UTC
Submitted fixed package
Comment 3 Marcus Meissner 2007-03-24 15:48:39 UTC
CVE-2002-0836
Comment 4 Thomas Biege 2009-10-13 19:32:52 UTC
CVE-2002-0836: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)