23 matches found
EUVD-2006-4238
Malware in sbrugna...
CVE-2023-46321
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line...
CVE-2023-46321
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line...
PT-2023-29958 · Iterm2 · Iterm2
Name of the Vulnerable Software and Affected Versions: iTerm2 versions prior to 3.5.0beta12 Description: The issue is related to the iTermSessionLauncher.m component in iTerm2, which does not properly sanitize paths in x-man-page URLs. This can lead to the inclusion of shell metacharacters in a...
man-cgi Local File Inclusion Vulnerability
Exploit for linux platform in category remote exploits man-cgi before 1.16 allows Local File Inclusion via absolute path traversal. If an Attacker provides a Filename as a Parameter e.g. https://example.org/cgi-bin/man-cgi?/etc/passwd the Script will read and return the local file. This is...
G. Wilford man 2.3.10 Symlink Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/305/info The man command created a temporary file under /tmp with a predictable name and is willing to follow symbolic links. This may allow malicious local users to create arbitrarily named files. zsoelim1 is a utility...
HP-UX 10.20/11.0 man /tmp symlink Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1302/info The programmers of the 'man' command on various HPUX releases have made several fatal mistakes that allow an attacker to trivially set a trap that could result in any arbitrary file being overwritten on the syst...
SuSE 10 Security Update : man (ZYPP Patch Number 3101)
A heap-based buffer overflow in the 'man' command could potentially be exploited by users to run code as root. CVE-2006-4250 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Man Command - -H Flag Local Buffer Overflow
Man Command - -H Flag Local Buffer Overflow // source: https://www.securityfocus.com/bid/23355/info The 'man' command is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. NOTE: Presumably, this...
Man Command - -H Flag Local Buffer Overflow
// source: https://www.securityfocus.com/bid/23355/info The 'man' command is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. NOTE: Presumably, this issue is exploitable only when 'man' has bee...
HP-UX Security patch : PHCO_23090
The remote host is missing HP-UX Security Patch number PHCO23090 . Sec. Vulnerability in man1 command %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid17123; scriptversion"1.7";...
HP-UX Security patch : PHCO_23089
The remote host is missing HP-UX Security Patch number PHCO23089 . Sec. Vulnerability in man1 command %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid17124; scriptversion"1.7";...
HP-UX PHCO_23088 : HPSBUX0101-138 Sec. Vulnerability in man(1) command (rev.1)
s700800 11.00 man1 patch : All HP9000 series 700/800 workstations and servers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHCO23088. The text itself is copyright C Hewlett-Packard Development Company, L.P...
Buffer overflow in man
Buffer overflow on -S key, MANPL variable...
RH7.0: man local gid 15 (man) exploit
======================================================== Vulnerable systems: redhat 7.0 with man-1.5h1-10 default package and earlier. ========================================================= Heap Based Overflow of man via -S option gives GID man. Due to a slight error in a length check, the -S...
Дырка в man (linux)
Ошиюка форматной строки при разборе агрументов...
Debian 2.2 Su.S.E 6.36.47.0 - man -l Format String
Debian 2.2 Su.S.E 6.36.47.0 - man -l Format String source: https://www.securityfocus.com/bid/2327/info man is the manual page viewing program, available with the Linux Operating System in this implementation. It is freely distributed and openly maintained. A problem with the man command may allow...
Debian 2.2 / Su.S.E 6.3/6.4/7.0 - man '-l' Format String
source: https://www.securityfocus.com/bid/2327/info man is the manual page viewing program, available with the Linux Operating System in this implementation. It is freely distributed and openly maintained. A problem with the man command may allow for the elevation of privileges. Due to the handli...
HP Security vulnerability in the man command
Systems Affected: HPUX 10.20 and 11.00 and probably other revs. Short Description: The 'man' command potentially allows attackers to overwrite any arbitrary file on the system via symlink bugs. I notified HP on 5-8-2000 and I've been told that a patch is forthcoming soon. No HP advisory has come...
HP-UX 10.2011.0 - man tmp Symlink
HP-UX 10.2011.0 - man tmp Symlink source: https://www.securityfocus.com/bid/1302/info The programmers of the 'man' command on various HPUX releases have made several fatal mistakes that allow an attacker to trivially set a trap that could result in any arbitrary file being overwritten on the syst...