--------------------------------------------------------------------------
Debian Security Advisory DSA 207-1                     security@debian.org 
Debian -- Security Information                              Martin Schulze
December 11th, 2002                      Debian -- Debian security FAQ 
--------------------------------------------------------------------------

Package        : tetex-bin
Vulnerability  : arbitrary command execution
Problem-type   : remote
Debian-specific: no
CVE Id         : CAN-2002-0836

The SuSE security team discovered a vulnerability in kpathsea library
(libkpathsea) which is used by xdvi and dvips.  Both programs call the
system() function insecurely, which allows a remote attacker to
execute arbitrary commands via cleverly crafted DVI files.

If dvips is used in a print filter, this allows a local or remote
attacker with print permission execute arbitrary code as the printer
user (usually lp).

This problem has been fixed in version 1.0.7+20011202-7.1for the
current stable distribution (woody), in version 1.0.6-7.3 for the old
stable distribution (potato) and in version 1.0.7+20021025-4 for the
unstable distribution (sid).  xdvik-ja and dvipsk-ja are vulnerable as
well, but link to the kpathsea library dynamically and will
automatically be fixed after a new libkpathsea is installed.

We recommend that you upgrade your tetex-lib package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
---------------------------------

  Source archives:

      
      Size/MD5 checksum:      681 85d39461d6074e345475974700302ca5
      
      Size/MD5 checksum:    21219 fc56db28dde023dd14b8dfba2c305ed8
      
      Size/MD5 checksum:  7991177 6cb0539e028dc2629b59364c336e9f02

  Alpha architecture:

      
      Size/MD5 checksum:  3345472 92b942291b77f8bb1c51d47e7e442200
      
      Size/MD5 checksum:    86086 ffceb41144a78755652b05e62690503a
      
      Size/MD5 checksum:    46436 9a8301c361af3537ce71b671f290d118

  ARM architecture:

      
      Size/MD5 checksum:  3128872 a7d4c2fa53e548b25f3eff5260ce0cba
      
      Size/MD5 checksum:    66412 76eea8557db60db134f7e5c69667866e
      
      Size/MD5 checksum:    35326 805f9c77405093e812afac2fb151db44

  Intel IA-32 architecture:

      
      Size/MD5 checksum:  2656066 7a84a5905bf56c67a0eaf4d4fbd12ffd
      
      Size/MD5 checksum:    63794 262135c0af64616080f10573fb2af29d
      
      Size/MD5 checksum:    33194 4a042dc080fb61834fea8bd3b5c50123

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:  2470542 b19ef2ede1a49f823b0ce189f010ed71
      
      Size/MD5 checksum:    63010 3f1d9c790839a271e8ad3371a062b99e
      
      Size/MD5 checksum:    33454 6821d66ef900023deb6a125d84f7436a

  PowerPC architecture:

      
      Size/MD5 checksum:  3064800 bb353bcc816dd2addc54c3f723a7314d
      
      Size/MD5 checksum:    74960 86fe8df6b1605a76e98ef435a9b4d94d
      
      Size/MD5 checksum:    37252 b3c71917f22d84c2bdb97c5b63532e52

  Sun Sparc architecture:

      
      Size/MD5 checksum:  3067948 ccbc6c50d89ee3ff1f4b62daf79748e2
      
      Size/MD5 checksum:    71708 01e2610c8d35a7bab8369e5f3ba1df71
      
      Size/MD5 checksum:    40442 6cf1c922eada4a22178a853142c91713


Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

      
      Size/MD5 checksum:      874 8f366565d4f387475f6ef6bb9aa974d7
      
      Size/MD5 checksum: 10324253 f450e1704d90950f85bb31eefbf2f45e

  Alpha architecture:

      
      Size/MD5 checksum:    84650 d79e3667791a8110019cb2f96c0d0516
      
      Size/MD5 checksum:    52786 db83b6b35fc7b932aaf0e8f59ae7da7a
      
      Size/MD5 checksum:  4567604 70774235aa253481147d28d685abbaea

  ARM architecture:

      
      Size/MD5 checksum:    65274 90a77d388e36745006ec0aaa6417491d
      
      Size/MD5 checksum:    43402 108a54db3c99b58188cdee22b965c005
      
      Size/MD5 checksum:  3703124 8439e1875463efc76cbf58e37e17a33a

  Intel IA-32 architecture:

      
      Size/MD5 checksum:    62628 31a398d458ed0fd5939929f3afcd8e57
      
      Size/MD5 checksum:    40500 ade94b526f08f7edb80b7c8126578ad4
      
      Size/MD5 checksum:  3136836 98eedd394be628b62bf489ccf4ac7288

  Intel IA-64 architecture:

      
      Size/MD5 checksum:    89724 acd2ca69f8c92a269ecb53ac10b428dd
      
      Size/MD5 checksum:    63122 56fb6234748eab1261fe6779cc2bd5f9
      
      Size/MD5 checksum:  5597520 b4342bdcba6ea92adfc6fd547246e597

  HP Precision architecture:

      
      Size/MD5 checksum:    79348 686d1ad04aa6d07ebd33622f78d4c0b3
      
      Size/MD5 checksum:    49110 204b2d736e592c19a864e6edbe013db3
      
      Size/MD5 checksum:  4105546 a4eda30de5ed51e1c75f979a069b0c67

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:    61940 79ae1c797a94286d2571431a387ed410
      
      Size/MD5 checksum:    41130 0ebbbf434a9981d68aadc166bf8ba264
      
      Size/MD5 checksum:  2922476 80cd4093b37cd3f67571d427c270cce7

  Big endian MIPS architecture:

      
      Size/MD5 checksum:    75094 05006f5ed906f1a154e2f653a7d43d19
      
      Size/MD5 checksum:    42156 71efe3f47f1cfe1fa94bc977832d14b3
      
      Size/MD5 checksum:  3941092 22b7964938513694d7665c832b234035

  Little endian MIPS architecture:

      
      Size/MD5 checksum:    74886 833cc732ed934563f5582b652dc4b056
      
      Size/MD5 checksum:    42350 4e50a31e4f219f53146a7f790bde4747
      
      Size/MD5 checksum:  3899354 17f6313d6073d1557c988e028b5a7bb0

  PowerPC architecture:

      
      Size/MD5 checksum:    73934 2a6a193f1acb64784473965cc49ac610
      
      Size/MD5 checksum:    45040 45b3a8a439e7eb68cc87f24ebe81e945
      
      Size/MD5 checksum:  3586312 9fa3b7e4c724db99e0214204b791123e

  IBM S/390 architecture:

      
      Size/MD5 checksum:    63928 f45e1a0bd5b9e69a3c8f9db16cd041df
      
      Size/MD5 checksum:    43052 489de74e0a77f1269fbd116ddbb922a3
      
      Size/MD5 checksum:  3383454 3ada8fc381e60370cdf037e817b3978c

  Sun Sparc architecture:

      
      Size/MD5 checksum:    70708 a34f6c87173cb0754e435cfd0040f7d3
      
      Size/MD5 checksum:    48512 e80f52795254d7fc3adac437a0898d97
      
      Size/MD5 checksum:  3598374 8b834d6c56cba09cbdb9402f4b263141


  These files will probably be moved into the stable distribution on
  its next revision.

---------------------------------------------------------------------------------
For apt-get: deb  Debian -- Security Information  stable/updates main
For dpkg-ftp:    dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/

Debian: 'tetex-bin' Remote command execution

December 11, 2002
xdvi and dvips call thesystem() function insecurely, which allows a remote attacker toexecute arbitrary commands via cleverly crafted DVI files.

Summary

The SuSE security team discovered a vulnerability in kpathsea library
(libkpathsea) which is used by xdvi and dvips. Both programs call the
system() function insecurely, which allows a remote attacker to
execute arbitrary commands via cleverly crafted DVI files.

If dvips is used in a print filter, this allows a local or remote
attacker with print permission execute arbitrary code as the printer
user (usually lp).

This problem has been fixed in version 1.0.7+20011202-7.1for the
current stable distribution (woody), in version 1.0.6-7.3 for the old
stable distribution (potato) and in version 1.0.7+20021025-4 for the
unstable distribution (sid). xdvik-ja and dvipsk-ja are vulnerable as
well, but link to the kpathsea library dynamically and will
automatically be fixed after a new libkpathsea is installed.

We recommend that you upgrade your tetex-lib package immediately.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
---------------------------------

Source archives:


Size/MD5 checksum: 681 85d39461d6074e345475974700302ca5

Size/MD5 checksum: 21219 fc56db28dde023dd14b8dfba2c305ed8

Size/MD5 checksum: 7991177 6cb0539e028dc2629b59364c336e9f02

Alpha architecture:


Size/MD5 checksum: 3345472 92b942291b77f8bb1c51d47e7e442200

Size/MD5 checksum: 86086 ffceb41144a78755652b05e62690503a

Size/MD5 checksum: 46436 9a8301c361af3537ce71b671f290d118

ARM architecture:


Size/MD5 checksum: 3128872 a7d4c2fa53e548b25f3eff5260ce0cba

Size/MD5 checksum: 66412 76eea8557db60db134f7e5c69667866e

Size/MD5 checksum: 35326 805f9c77405093e812afac2fb151db44

Intel IA-32 architecture:


Size/MD5 checksum: 2656066 7a84a5905bf56c67a0eaf4d4fbd12ffd

Size/MD5 checksum: 63794 262135c0af64616080f10573fb2af29d

Size/MD5 checksum: 33194 4a042dc080fb61834fea8bd3b5c50123

Motorola 680x0 architecture:


Size/MD5 checksum: 2470542 b19ef2ede1a49f823b0ce189f010ed71

Size/MD5 checksum: 63010 3f1d9c790839a271e8ad3371a062b99e

Size/MD5 checksum: 33454 6821d66ef900023deb6a125d84f7436a

PowerPC architecture:


Size/MD5 checksum: 3064800 bb353bcc816dd2addc54c3f723a7314d

Size/MD5 checksum: 74960 86fe8df6b1605a76e98ef435a9b4d94d

Size/MD5 checksum: 37252 b3c71917f22d84c2bdb97c5b63532e52

Sun Sparc architecture:


Size/MD5 checksum: 3067948 ccbc6c50d89ee3ff1f4b62daf79748e2

Size/MD5 checksum: 71708 01e2610c8d35a7bab8369e5f3ba1df71

Size/MD5 checksum: 40442 6cf1c922eada4a22178a853142c91713


Debian GNU/Linux 3.0 alias woody
--------------------------------

Source archives:


Size/MD5 checksum: 874 8f366565d4f387475f6ef6bb9aa974d7

Size/MD5 checksum: 10324253 f450e1704d90950f85bb31eefbf2f45e

Alpha architecture:


Size/MD5 checksum: 84650 d79e3667791a8110019cb2f96c0d0516

Size/MD5 checksum: 52786 db83b6b35fc7b932aaf0e8f59ae7da7a

Size/MD5 checksum: 4567604 70774235aa253481147d28d685abbaea

ARM architecture:


Size/MD5 checksum: 65274 90a77d388e36745006ec0aaa6417491d

Size/MD5 checksum: 43402 108a54db3c99b58188cdee22b965c005

Size/MD5 checksum: 3703124 8439e1875463efc76cbf58e37e17a33a

Intel IA-32 architecture:


Size/MD5 checksum: 62628 31a398d458ed0fd5939929f3afcd8e57

Size/MD5 checksum: 40500 ade94b526f08f7edb80b7c8126578ad4

Size/MD5 checksum: 3136836 98eedd394be628b62bf489ccf4ac7288

Intel IA-64 architecture:


Size/MD5 checksum: 89724 acd2ca69f8c92a269ecb53ac10b428dd

Size/MD5 checksum: 63122 56fb6234748eab1261fe6779cc2bd5f9

Size/MD5 checksum: 5597520 b4342bdcba6ea92adfc6fd547246e597

HP Precision architecture:


Size/MD5 checksum: 79348 686d1ad04aa6d07ebd33622f78d4c0b3

Size/MD5 checksum: 49110 204b2d736e592c19a864e6edbe013db3

Size/MD5 checksum: 4105546 a4eda30de5ed51e1c75f979a069b0c67

Motorola 680x0 architecture:


Size/MD5 checksum: 61940 79ae1c797a94286d2571431a387ed410

Size/MD5 checksum: 41130 0ebbbf434a9981d68aadc166bf8ba264

Size/MD5 checksum: 2922476 80cd4093b37cd3f67571d427c270cce7

Big endian MIPS architecture:


Size/MD5 checksum: 75094 05006f5ed906f1a154e2f653a7d43d19

Size/MD5 checksum: 42156 71efe3f47f1cfe1fa94bc977832d14b3

Size/MD5 checksum: 3941092 22b7964938513694d7665c832b234035

Little endian MIPS architecture:


Size/MD5 checksum: 74886 833cc732ed934563f5582b652dc4b056

Size/MD5 checksum: 42350 4e50a31e4f219f53146a7f790bde4747

Size/MD5 checksum: 3899354 17f6313d6073d1557c988e028b5a7bb0

PowerPC architecture:


Size/MD5 checksum: 73934 2a6a193f1acb64784473965cc49ac610

Size/MD5 checksum: 45040 45b3a8a439e7eb68cc87f24ebe81e945

Size/MD5 checksum: 3586312 9fa3b7e4c724db99e0214204b791123e

IBM S/390 architecture:


Size/MD5 checksum: 63928 f45e1a0bd5b9e69a3c8f9db16cd041df

Size/MD5 checksum: 43052 489de74e0a77f1269fbd116ddbb922a3

Size/MD5 checksum: 3383454 3ada8fc381e60370cdf037e817b3978c

Sun Sparc architecture:


Size/MD5 checksum: 70708 a34f6c87173cb0754e435cfd0040f7d3

Size/MD5 checksum: 48512 e80f52795254d7fc3adac437a0898d97

Size/MD5 checksum: 3598374 8b834d6c56cba09cbdb9402f4b263141


These files will probably be moved into the stable distribution on
its next revision.

Severity
Package : tetex-bin
Vulnerability : arbitrary command execution
Problem-type : remote
Debian-specific: no
CVE Id : CAN-2002-0836

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved