Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: RH7.0: man local gid 15 (man) exploit
From: Olaf Kirch <okir () caldera de>
Date: Mon, 14 May 2001 12:40:59 +0200

On Sun, May 13, 2001 at 08:07:34PM -0000, zenith parsec wrote:
========================================================
Vulnerable systems: redhat 7.0 with man-1.5h1-10 (default
package) and earlier.
=========================================================
Heap Based Overflow of man via -S option gives GID man.


Caldera OpenLinux is not vulnerable to this problem. Our man-1.5 package
comes with a patch that forks off a "cache manager" thread that puts
formatted pages into /var/catman, while the man application itself
continues in the foreground without any privilege.

Olaf
-- 
Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
okir () monad swb de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir () caldera de    +-------------------- Why Not?! -----------------------
         UNIX, n.: Spanish manufacturer of fire extinguishers.            


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault