EUVD-2001-1159

Malware in sbrugna...

Malicious code in xman-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf5c243019a4ec4df65a182a5f1e9cd5a48899107fcddd0cce2dafaedf57eb69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-972 Malicious code in xman-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf5c243019a4ec4df65a182a5f1e9cd5a48899107fcddd0cce2dafaedf57eb69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MDKA-2007:117 : xman

The xman program was looking for the man pages in the wrong location, and did not support LZMA compression format. This update package fixes both issues. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...

Mandriva Update for xman MDKA-2007:117 (xman)

Check for the Version of xman OpenVAS Vulnerability Test Mandriva Update for xman MDKA-2007:117 xman Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Mandriva Update for xman MDKA-2007:117 (xman)

Check for the Version of xman OpenVAS Vulnerability Test Mandriva Update for xman MDKA-2007:117 xman Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

DEBIAN-CVE-2004-1204

FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service application crash by calling Xman with a long -title value, possibly triggering a buffer overflow...

CVE-2004-1204

FluxBox 0.9.10 and earlier allows local users to cause a denial of service (application crash) by invoking Xman with a long -title value, potentially triggering a buffer overflow. Affected: FluxBox ≤ 0.9.10. Connected sources document the vulnerability but do not provide exploitation specifics or...

CVE-2001-1178

Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable...

CVE-2001-1178

CVE-2001-1178 (xman) is a local privilege-escalation vulnerability caused by a buffer overflow triggered by a long MANPATH environment variable. Affected component: xman. Root cause: insufficient bounds checking on MANPATH leading to overflow. Impact: local users may gain privileges; exploitation...

CVE-2001-1179

The CVE-2001-1179 issue affects the xman utility. It allows local users to gain privileges by manipulating the MANPATH to point to a man page whose filename contains shell metacharacters, enabling privilege escalation. The connected documents confirm the description but do not provide explicit af...

CVE-2001-1179

xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters...

xxman.sh

xman doesn't drop privileges anywheres in the program. but, does support suid installation. so, exploiting via a system call is much easier than the buffer overflow in MANPATH, mentioned in another bugtraq posting. here is an example of such an exploitation possibility: -- xxman.sh -- !/bin/sh...

CVE-2001-1179

xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters...

suid xman 3.1.6 overflows

xman from at least X11R6-contrib-3.3.2-3.i386.rpm suffers from a classic overflow [email protected] is noted as the packager of this RPM. I do not know the author. root@linux lib ls -al which xman -rwxr-sr-x 1 root man 41076 Jun 17 1998 /usr/X11R6/bin/xman root@linux lib xman root@linux li...

Переполнение буфера в xman (buffer overflow)

Переполнение буфера при разборе переменной MANPATH sgid man...

CVE-2001-1178

Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable...

XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow

XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/3030/info xman is a component included with the XFree86 Window System. A buffer overflow in the handling of the MANPATH environment variable by xman makes it possible for a local user...

XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow

source: https://www.securityfocus.com/bid/3030/info xman is a component included with the XFree86 Window System. A buffer overflow in the handling of the MANPATH environment variable by xman makes it possible for a local user to execute arbitrary code. By inserting 70000 characters into the MANPA...