Executive Summary
Summary | |
---|---|
Title | teTeX and TeX Live vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-554-1 | First vendor Publication | 2007-12-06 |
Vendor | Ubuntu | Last vendor Modification | 2007-12-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 6.10: Ubuntu 7.04: Ubuntu 7.10: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Bastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking. If a user or automated system were tricked into processing a specially crafted dvi file, dvips could be made to crash and execute code as the user invoking the program. (CVE-2007-5935) Joachim Schrod discovered that the dviljk utilities created temporary files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. (CVE-2007-5936) Joachim Schrod discovered that the dviljk utilities did not perform bounds checking in many instances. If a user or automated system were tricked into processing a specially crafted dvi file, the dviljk utilities could be made to crash and execute code as the user invoking the program. (CVE-2007-5937) |
Original Source
Url : http://www.ubuntu.com/usn/USN-554-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11311 | |||
Oval ID: | oval:org.mitre.oval:def:11311 | ||
Title: | Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. | ||
Description: | Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5935 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17361 | |||
Oval ID: | oval:org.mitre.oval:def:17361 | ||
Title: | USN-554-1 -- tetex-bin, texlive-bin vulnerabilities | ||
Description: | Bastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-554-1 CVE-2007-5935 CVE-2007-5936 CVE-2007-5937 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | tetex-bin texlive-bin |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-17 | Name : CentOS Update for tetex CESA-2010:0399 centos4 i386 File : nvt/gb_CESA-2010_0399_tetex_centos4_i386.nasl |
2010-05-17 | Name : CentOS Update for tetex CESA-2010:0401 centos3 i386 File : nvt/gb_CESA-2010_0401_tetex_centos3_i386.nasl |
2010-05-07 | Name : RedHat Update for tetex RHSA-2010:0399-01 File : nvt/gb_RHSA-2010_0399-01_tetex.nasl |
2010-05-07 | Name : RedHat Update for tetex RHSA-2010:0401-01 File : nvt/gb_RHSA-2010_0401-01_tetex.nasl |
2009-04-09 | Name : Mandriva Update for tetex MDKSA-2007:230 (tetex) File : nvt/gb_mandriva_MDKSA_2007_230.nasl |
2009-03-23 | Name : Ubuntu Update for tetex-bin, texlive-bin vulnerabilities USN-554-1 File : nvt/gb_ubuntu_USN_554_1.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-3308 File : nvt/gb_fedora_2007_3308_tetex_fc8.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-3390 File : nvt/gb_fedora_2007_3390_tetex_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-26 (tetex) File : nvt/glsa_200711_26.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-34 (cstetex) File : nvt/glsa_200711_34.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-13 (ptex) File : nvt/glsa_200805_13.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42239 | teTeX dviljk dvi2xx.c DVI Input File Handling Multiple Overflows |
42238 | teTeX dvips dviljk Temp File Race Condition Arbitrary File Modification |
42237 | teTeX dvips hpc.c DVI File href Tag Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0399.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0401.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100506_tetex_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100506_tetex_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0399.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0401.nasl - Type : ACT_GATHER_INFO |
2010-05-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0399.nasl - Type : ACT_GATHER_INFO |
2010-05-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0401.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote openSUSE host is missing a security update. File : suse_texlive-bin-5221.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_te_ams-4818.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_te_ams-4819.nasl - Type : ACT_GATHER_INFO |
2007-12-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-554-1.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3308.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3390.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-230.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-26.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:04:49 |
|