15 matches found
EUVD-2001-1258
Malware in sbrugna...
EUVD-2000-0562
Malware in sbrugna...
SUSE: Security Advisory (SUSE-SU-2020:0102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
Multiple vulnerabilities exist in the man-1.5i2 package of the Red Hat Linux operating system. Exploitation of these vulnerabilities can lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Mandrake Linux Security Advisory : man (MDKSA-2003:054)
A difficult to exploit vulnerability was discovered in versions of man prior to 1.5l. A bug exists in man that could cause a program named 'unsafe' to be executed due to a malformed man file. In order to exploit this bug, a local attacker would have to be able to get another user to read the...
RHEL 2.1 : man (RHSA-2003:134)
Updated man packages fix a minor security vulnerability. The man package includes tools for finding information and documentation about commands on a system. Versions of man before 1.51 have a bug where a malformed man file can cause a program named 'unsafe' to be run. To exploit this vulnerabili...
Low: Red Hat Security Advisory: man security update
Updated man packages fix a minor security vulnerability. The man package includes tools for finding information and documentation about commands on a system. Versions of man before 1.51 have a bug where a malformed man file can cause a program named "unsafe" to be run. To exploit this vulnerabili...
CVE-2001-1277
makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters...
CVE-2001-1277
The CVE-2001-1277 issue affects the makewhatis component of the man package prior to version 1.5i2. A local attacker belonging to the group man can cause arbitrary files to be overwritten by crafting a man page name containing shell metacharacters, exploiting insufficient validation during proces...
Important: Red Hat Security Advisory: : Updated man package fixing GID security problems.
Updated man packages fixing a local GID man exploit and a potential GID man to root exploit, as well as a problem with the man paths of Red Hat Linux 5.x and 6.x. Users could gain access to the GID man by overrunning a buffer in the ultimatesource function. Users with GID man could get root acces...
man 'makewhatis' insecurely uses /tmp
Overview The 'makewhatis' script in the Linux man package allows local users to overwrite files via a symlink attack. Description The 'makewhatis' program is a Bourne shell script that ships with many Linux distributions in the 'man' package of programs. The 'makewhatis' script creates files in t...
man 1.5h10 + man 1.5i-4 exploits
This advisory is also stored, along with the exploits at http://generic.labs.pulltheplug.com/zen/ as man.txt ====================================================================== Local root from /usr/bin/man + /etc/cron.daily/makewhatis.cron Redhat 7.0 Redhat 7.1 on other distributions it may al...
CVE-2001-1277
makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters...
[linux-security] [RHSA-2000:041-02] man package's 'makewhatis' uses insecure handling of files in /tmp
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: man package's 'makewhatis' uses insecure handling of files in /tmp Advisory ID: RHSA-2000:041-02 Issue date: 2000-07-03 Updated on: 2000-07-03 Product: Red Hat Linux Keywords: man /tmp...
CVE-2000-0566
makewhatis in Linux man package allows local users to overwrite files via a symlink attack...