man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)

...

Linux Distros Unpatched Vulnerability : CVE-2015-1336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via...

Gentoo Linux Security Advisory 201707-12

Gentoo Linux Security Advisory 201707-12 - A vulnerability in MAN DB allows local users to gain root privileges. Versions less than 2.7.6.1-r2 are affected...

SUSE CVE-2003-0645

man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the /.manpath file, even when running setuid, which could allow local users to gain privileges...

SUSE CVE-2006-4250

Buffer overflow in man and mandb man-db 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag...

CVE-2018-25078

man-db before 2.8.5 on Gentoo allows local users with access to the man user account to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. Also, the owner can strip the setuid and setgid bits...

Gentoo 安全漏洞

Gentoo is an open source Linux system from the Gentoo Foundation. A security vulnerability exists in Gentoo man-db versions prior to 2.8.5. An attacker exploited the vulnerability to gain root privileges...

USN-5334-1 man-db vulnerability

It was discovered that man-db incorrectly handled permission changing operations in its daily cron job, and was therefore affected by a race condition. An attacker could possibly use this issue to escalate privileges and execute arbitrary code...

PT-2023-10819 · Man Db +1 · Man-Db +1

Name of the Vulnerable Software and Affected Versions: man-db versions prior to 2.8.5 Description: The issue allows local users with access to the man user account to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. Additionally, the owner can strip the setui...

DEBIAN-CVE-2003-0645

man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the /.manpath file, even when running setuid, which could allow local users to gain privileges...

DEBIAN-CVE-2003-0620

Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via 1 MANDATORYMANPATH, MANPATHMAP, and MANDBMAP arguments to addtodirlist in manp.c, 2 a long pathname to ultsrc in ultsrc.c, 3 a long .so argument to testforinclude in ultsrc.c, 4 ...

DSA-364-3 man-db - buffer overflows, arbitrary command execution

Bulletin has no description...

DSA-364-2 man-db - buffer overflows, arbitrary command execution

Bulletin has no description...