{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-08-27T00:00:00", "descriptions": [{"lang": "en", "value": "The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "3241", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3241"}, {"name": "dvips-lpd-command-execution(16509)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509"}, {"name": "20010827 LPRng/rhs-printfilters - remote execution of commands", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=99892644616749&w=2"}, {"name": "RHSA-2001:102", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1002", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "3241", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3241"}, {"name": "dvips-lpd-command-execution(16509)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509"}, {"name": "20010827 LPRng/rhs-printfilters - remote execution of commands", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=99892644616749&w=2"}, {"name": "RHSA-2001:102", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T04:37:06.859Z"}, "title": "CVE Program Container", "references": [{"name": "3241", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3241"}, {"name": "dvips-lpd-command-execution(16509)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509"}, {"name": "20010827 LPRng/rhs-printfilters - remote execution of commands", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=99892644616749&w=2"}, {"name": "RHSA-2001:102", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1002", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:37:06.859Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands."}], "id": "CVE-2001-1002", "lastModified": "2017-10-10T01:29:57.890", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2001-08-31T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=99892644616749&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/3241"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2001:102", "cpe": "cpe:/o:redhat:linux:5.2", "product_name": "Red Hat Linux 5.2", "release_date": "2001-10-30T00:00:00Z"}, {"advisory": "RHSA-2001:102", "cpe": "cpe:/o:redhat:linux:6.2", "product_name": "Red Hat Linux 6.2", "release_date": "2001-10-30T00:00:00Z"}, {"advisory": "RHSA-2001:102", "cpe": "cpe:/o:redhat:linux:7.0", "product_name": "Red Hat Linux 7.0", "release_date": "2001-10-30T00:00:00Z"}, {"advisory": "RHSA-2001:102", "cpe": "cpe:/o:redhat:linux:7.0j", "product_name": "Red Hat Linux 7.0j", "release_date": "2001-10-30T00:00:00Z"}, {"advisory": "RHSA-2001:102", "cpe": "cpe:/o:redhat:linux:7.1", "product_name": "Red Hat Linux 7.1", "release_date": "2001-10-30T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1616640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616640"}, "csaw": false, "details": ["The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands."], "name": "CVE-2001-1002", "public_date": "2001-08-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2001-1002\nhttps://nvd.nist.gov/vuln/detail/CVE-2001-1002"]}