19 matches found
EUVD-2001-1159
Malware in sbrugna...
Malicious code in xman-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf5c243019a4ec4df65a182a5f1e9cd5a48899107fcddd0cce2dafaedf57eb69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-972 Malicious code in xman-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf5c243019a4ec4df65a182a5f1e9cd5a48899107fcddd0cce2dafaedf57eb69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MDKA-2007:117 : xman
The xman program was looking for the man pages in the wrong location, and did not support LZMA compression format. This update package fixes both issues. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...
Mandriva Update for xman MDKA-2007:117 (xman)
Check for the Version of xman OpenVAS Vulnerability Test Mandriva Update for xman MDKA-2007:117 xman Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Mandriva Update for xman MDKA-2007:117 (xman)
Check for the Version of xman OpenVAS Vulnerability Test Mandriva Update for xman MDKA-2007:117 xman Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
DEBIAN-CVE-2004-1204
FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service application crash by calling Xman with a long -title value, possibly triggering a buffer overflow...
CVE-2004-1204
FluxBox 0.9.10 and earlier allows local users to cause a denial of service (application crash) by invoking Xman with a long -title value, potentially triggering a buffer overflow. Affected: FluxBox ≤ 0.9.10. Connected sources document the vulnerability but do not provide exploitation specifics or...
CVE-2001-1179
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters...
CVE-2001-1178
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable...
CVE-2001-1178
CVE-2001-1178 (xman) is a local privilege-escalation vulnerability caused by a buffer overflow triggered by a long MANPATH environment variable. Affected component: xman. Root cause: insufficient bounds checking on MANPATH leading to overflow. Impact: local users may gain privileges; exploitation...
CVE-2001-1179
The CVE-2001-1179 issue affects the xman utility. It allows local users to gain privileges by manipulating the MANPATH to point to a man page whose filename contains shell metacharacters, enabling privilege escalation. The connected documents confirm the description but do not provide explicit af...
xxman.sh
xman doesn't drop privileges anywheres in the program. but, does support suid installation. so, exploiting via a system call is much easier than the buffer overflow in MANPATH, mentioned in another bugtraq posting. here is an example of such an exploitation possibility: -- xxman.sh -- !/bin/sh...
CVE-2001-1179
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters...
Переполнение буфера в xman (buffer overflow)
Переполнение буфера при разборе переменной MANPATH sgid man...
suid xman 3.1.6 overflows
xman from at least X11R6-contrib-3.3.2-3.i386.rpm suffers from a classic overflow [email protected] is noted as the packager of this RPM. I do not know the author. root@linux lib ls -al which xman -rwxr-sr-x 1 root man 41076 Jun 17 1998 /usr/X11R6/bin/xman root@linux lib xman root@linux li...
CVE-2001-1178
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable...
XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow
XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/3030/info xman is a component included with the XFree86 Window System. A buffer overflow in the handling of the MANPATH environment variable by xman makes it possible for a local user...
XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow
source: https://www.securityfocus.com/bid/3030/info xman is a component included with the XFree86 Window System. A buffer overflow in the handling of the MANPATH environment variable by xman makes it possible for a local user to execute arbitrary code. By inserting 70000 characters into the MANPA...