Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: man bugs might lead to root compromise (RH 6.1 and other boxes)
From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Mon, 28 Feb 2000 09:01:56 +0100


On Sun, 27 Feb 2000, H D Moore wrote:

Hi,

I could not reproduce this on a SuSE 6.2 system running:

man, version 2.3.10, db 2.3.1, July 12th, 1995
(G.Wilford () ee surrey ac uk)

My copy is setgid man and I also subjected it to 4,8, and 20 kb buffers
in every envrionment variable it uses without it flinching.

Try setting PAGER instead of MANPAGER - older man version used it.

_______________________________________________________
Michal Zalewski * [lcamtuf () ags pl] <=> [AGS WAN SYSADM]
[dione.ids.pl SYSADM] <-> [http://lcamtuf.na.export.pl]
[+48 22 551 45 93] [+48 603 110 160] bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]