Vulnerability Description
The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Linux | 6.2 |
References
- http://marc.info/?l=bugtraq&m=99892644616749&w=2
- http://www.redhat.com/support/errata/RHSA-2001-102.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/3241PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16509
- http://marc.info/?l=bugtraq&m=99892644616749&w=2
- http://www.redhat.com/support/errata/RHSA-2001-102.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/3241PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16509
FAQ
What is CVE-2001-1002?
CVE-2001-1002 is a vulnerability with a CVSS score of 7.5 (HIGH). The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain p...
How severe is CVE-2001-1002?
CVE-2001-1002 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1002?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Linux.