Lucene search
MitreCVELIST:CVE-2003-0124HistorySep 01, 2004 - 4:00 a.m.
CVE-2003-0124
2004-09-0104:00:00
mitre
www.cve.org
2
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value “unsafe,” which is then executed as a program via a system call if it is in the search path of the user who runs man.
References
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000620
marc.info/?l=bugtraq&m=104740927915154&w=2
marc.info/?l=bugtraq&m=104802285112752&w=2
www.redhat.com/support/errata/RHSA-2003-133.html
www.redhat.com/support/errata/RHSA-2003-134.html
www.securityfocus.com/bid/7066
exchange.xforce.ibmcloud.com/vulnerabilities/11512
Related
nessus
nessus
RHEL 2.1 : man (RHSA-2003:134)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : man (MDKSA-2003:054)
2004-07-31 00:00:00
redhat
redhat
(RHSA-2003:134) man security update
2003-04-28 00:00:00
nvd
nvd
CVE-2003-0124
2003-03-18 05:00:00
cve
cve
CVE-2003-0124
2004-09-01 04:00:00
exploitdb
exploitdb
Man Program 1.5 - Unsafe Return Value Command Execution
2003-03-11 00:00:00