dvips Arbitrary Command Execution Vulnerability

Bugtraq ID:	5978
Class:	Access Validation Error
CVE:	CAN-2002-0836
Remote:	Yes
Local:	No
Published:	Oct 16 2002 12:00AM
Updated:	Oct 16 2002 12:00AM
Credit:	Discovery credited to Olaf Kirch of SuSE.
Vulnerable:	teTeX teTeX 1.0.7 + Conectiva Linux 8.0 + Conectiva Linux 8.0 + Conectiva Linux 7.0 + Conectiva Linux 7.0 + Conectiva Linux 6.0 + Conectiva Linux 6.0 + Debian Linux 3.0 sparc + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 alpha + Debian Linux 3.0 + Debian Linux 3.0 + HP Secure OS software for Linux 1.0 + HP Secure OS software for Linux 1.0 + Immunix Immunix OS 7.0 beta + Immunix Immunix OS 7.0 beta + Immunix Immunix OS 7.0 + Immunix Immunix OS 7.0 + Immunix Immunix OS 6.2 + Immunix Immunix OS 6.2 + MandrakeSoft Corporate Server 1.0.1 + MandrakeSoft Corporate Server 1.0.1 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 + MandrakeSoft Linux Mandrake 8.0 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Linux Mandrake 7.1 + MandrakeSoft Linux Mandrake 7.1 + RedHat Desktop 3.0 + RedHat Desktop 3.0 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux AS 2.1 IA64 + RedHat Enterprise Linux AS 2.1 IA64 + RedHat Enterprise Linux AS 2.1 + RedHat Enterprise Linux AS 2.1 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux ES 2.1 IA64 + RedHat Enterprise Linux ES 2.1 IA64 + RedHat Enterprise Linux ES 2.1 + RedHat Enterprise Linux ES 2.1 + RedHat Enterprise Linux WS 3 + RedHat Enterprise Linux WS 2.1 IA64 + RedHat Enterprise Linux WS 2.1 IA64 + RedHat Enterprise Linux WS 2.1 + RedHat Enterprise Linux WS 2.1 + RedHat Linux 8.0 i386 + RedHat Linux 8.0 i386 + RedHat Linux 8.0 + RedHat Linux 8.0 + RedHat Linux 7.3 i386 + RedHat Linux 7.3 i386 + RedHat Linux 7.3 + RedHat Linux 7.3 + RedHat Linux 7.2 ia64 + RedHat Linux 7.2 ia64 + RedHat Linux 7.2 i386 + RedHat Linux 7.2 i386 + RedHat Linux 7.2 + RedHat Linux 7.2 + RedHat Linux 7.1 ia64 + RedHat Linux 7.1 ia64 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 alpha + RedHat Linux 7.1 alpha + RedHat Linux 7.1 + RedHat Linux 7.1 + RedHat Linux 7.0 i386 + RedHat Linux 7.0 i386 + RedHat Linux 7.0 alpha + RedHat Linux 7.0 alpha + RedHat Linux 7.0 + RedHat Linux 7.0 + RedHat Linux Advanced Work Station 2.1 + RedHat Linux Advanced Work Station 2.1 teTeX teTeX 1.0.6 + Debian Linux 2.2 sparc + Debian Linux 2.2 sparc + Debian Linux 2.2 powerpc + Debian Linux 2.2 powerpc + Debian Linux 2.2 IA-32 + Debian Linux 2.2 arm + Debian Linux 2.2 arm + Debian Linux 2.2 alpha + Debian Linux 2.2 alpha + Debian Linux 2.2 68k + Debian Linux 2.2 68k + Debian Linux 2.2 + Debian Linux 2.2 + RedHat Linux 6.2 sparc + RedHat Linux 6.2 sparc + RedHat Linux 6.2 i386 + RedHat Linux 6.2 i386 + RedHat Linux 6.2 alpha + RedHat Linux 6.2 alpha + RedHat Linux 6.2 + RedHat Linux 6.2

Not Vulnerable: