9 lines
No EOL
728 B
Text
9 lines
No EOL
728 B
Text
source: http://www.securityfocus.com/bid/2872/info
|
|
|
|
A buffer overflow vulnerability exists in the implementation of the 'man' system manual pager program commonly included with Linux distributions.
|
|
|
|
The vulnerability exists due to the way the program handles manual page files beginning with a '.so' statement. Under certain circumstances, the code responsible for processing this data may be allow the length of the filename from a '.so' statement to be expanded, eventually causing a boundary condition error.
|
|
|
|
As a result, it may be possible for local users to execute arbitrary code with group 'man' privileges.
|
|
|
|
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/20926.tar.gz |