RHEL 2.1 : tetex (RHSA-2002:195)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated packages for dvips are available which fix a vulnerability
allowing print users to execute arbitrary commands.

[Updated 13 Aug 2003] Added tetex-doc package that was originally left
out of the errata.

The dvips utility converts DVI format into PostScript(TM), and is used
in Red Hat Linux as a print filter for printing DVI files. A
vulnerability has been found in dvips which uses the system() function
insecurely when managing fonts.

Since dvips is used in a print filter, this allows local or remote
attackers who have print access to carefully craft a print job that
allows them to execute arbitrary code as the user 'lp'.

A work around for this vulnerability is to remove the print filter for
DVI files. The following commands, run as root, will accomplish this :

rm -f /usr/share/printconf/mf_rules/mf40-tetex_filters rm -f

However, to fix the problem in the dvips utility as well as remove the
print filter we recommend that all users upgrade to the these packages
contained within this erratum which contain a patch for this issue.

This vulnerability was discovered by Olaf Kirch of SuSE.

Additionally, the file /var/lib/texmf/ls-R had world-writable

This issue is also fixed by the packages contained within this

See also :


Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5

Family: Red Hat Local Security Checks

Nessus Plugin ID: 12324 ()

Bugtraq ID:

CVE ID: CVE-2002-0836