Bug 10338

Summary: man overflow exploit.
Product: [Retired] Red Hat Linux Reporter: zurk
Component: manAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.1Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://securityfocus.com/data/vulnerabilities/exploits/redhat6_man_of.c
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-03-25 02:36:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description zurk 2000-03-25 02:19:33 UTC
A buffer overflow exists in the implementation of the 'man' program
 shipped with RedHat Linux, and other LInux vendors. By carefully
 crafting a long buffer of machine executable code, and placing it in the
 MANPATH environmental variable, it becomes possible for a would be
 attacker to gain egid man.

Comment 1 Bernhard Rosenkraenzer 2000-03-25 02:36:59 UTC
This has been reported and fixed a couple of months ago.
We didn't release an errata package because it is non-critical; at the very
worst, someone getting gid man can present false man pages to users who access
the previously generated man page cache instead of rebuilding the man pages.

*** This bug has been marked as a duplicate of 9892 ***