14 matches found
EUVD-2001-1258
Malware in sbrugna...
EUVD-2000-0562
Malware in sbrugna...
SUSE: Security Advisory (SUSE-SU-2020:0102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandrake Linux Security Advisory : man (MDKSA-2003:054)
A difficult to exploit vulnerability was discovered in versions of man prior to 1.5l. A bug exists in man that could cause a program named 'unsafe' to be executed due to a malformed man file. In order to exploit this bug, a local attacker would have to be able to get another user to read the...
RHEL 2.1 : man (RHSA-2003:134)
Updated man packages fix a minor security vulnerability. The man package includes tools for finding information and documentation about commands on a system. Versions of man before 1.51 have a bug where a malformed man file can cause a program named 'unsafe' to be run. To exploit this vulnerabili...
Low: Red Hat Security Advisory: man security update
Updated man packages fix a minor security vulnerability. The man package includes tools for finding information and documentation about commands on a system. Versions of man before 1.51 have a bug where a malformed man file can cause a program named "unsafe" to be run. To exploit this vulnerabili...
CVE-2001-1277
makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters...
CVE-2001-1277
The CVE-2001-1277 issue affects the makewhatis component of the man package prior to version 1.5i2. A local attacker belonging to the group man can cause arbitrary files to be overwritten by crafting a man page name containing shell metacharacters, exploiting insufficient validation during proces...
Important: Red Hat Security Advisory: : Updated man package fixing GID security problems.
Updated man packages fixing a local GID man exploit and a potential GID man to root exploit, as well as a problem with the man paths of Red Hat Linux 5.x and 6.x. Users could gain access to the GID man by overrunning a buffer in the ultimatesource function. Users with GID man could get root acces...
man 'makewhatis' insecurely uses /tmp
Overview The 'makewhatis' script in the Linux man package allows local users to overwrite files via a symlink attack. Description The 'makewhatis' program is a Bourne shell script that ships with many Linux distributions in the 'man' package of programs. The 'makewhatis' script creates files in t...
man 1.5h10 + man 1.5i-4 exploits
This advisory is also stored, along with the exploits at http://generic.labs.pulltheplug.com/zen/ as man.txt ====================================================================== Local root from /usr/bin/man + /etc/cron.daily/makewhatis.cron Redhat 7.0 Redhat 7.1 on other distributions it may al...
CVE-2001-1277
makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters...
[linux-security] [RHSA-2000:041-02] man package's 'makewhatis' uses insecure handling of files in /tmp
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: man package's 'makewhatis' uses insecure handling of files in /tmp Advisory ID: RHSA-2000:041-02 Issue date: 2000-07-03 Updated on: 2000-07-03 Product: Red Hat Linux Keywords: man /tmp...
CVE-2000-0566
makewhatis in Linux man package allows local users to overwrite files via a symlink attack...