MDKSA-2003:054
- Package name
- man
- Date
- 2003-05-06
- Advisory ID
- MDKSA-2003:054
- Affected versions
- 9.1 i586 , CS2.1 x86_64 , CS2.1 i586 , 9.0 i586 , 8.2 i586 , MNF8.2 i586 , 9.1 i586 , 8.2 i586
Problem description
A difficult to exploit vulnerability was discovered in versions of man prior to 1.5l. A bug exists in man that could cause a program named "unsafe" to be executed due to a malformed man file. In order to exploit this bug, a local attacker would have to be able to get another user to read the malformed man file, and the attacker would also have to create a file called "unsafe" that would be located somewhere in the victim's path.
Updated packages
9.1 i586
7ba3b8c8db57f51af6d22ed568c226e0 9.1/RPMS/man-1.5k-8.1mdk.i586.rpm 961c191112d1c0c6059e97fd292d56e9 9.1/SRPMS/man-1.5k-8.1mdk.src.rpm
CS2.1 x86_64
0d641e78c0aaca71e5b6c1661c989beb x86_64/corporate/2.1/RPMS/man-1.5k-2.1mdk.x86_64.rpm ed2d05a401cd4dac5f33a92a24349e48 x86_64/corporate/2.1/SRPMS/man-1.5k-2.1mdk.src.rpm
CS2.1 i586
9084b56436327c9fc11c462cec78028b corporate/2.1/RPMS/man-1.5k-2.1mdk.i586.rpm ed2d05a401cd4dac5f33a92a24349e48 corporate/2.1/SRPMS/man-1.5k-2.1mdk.src.rpm
9.0 i586
9084b56436327c9fc11c462cec78028b 9.0/RPMS/man-1.5k-2.1mdk.i586.rpm ed2d05a401cd4dac5f33a92a24349e48 9.0/SRPMS/man-1.5k-2.1mdk.src.rpm
8.2 i586
f3c74c1407535520c36b7559ae7783eb 8.2/RPMS/man-1.5j-4.1mdk.i586.rpm 29838905428ab9f75fe06882010a5357 8.2/SRPMS/man-1.5j-4.1mdk.src.rpm
MNF8.2 i586
f3c74c1407535520c36b7559ae7783eb mnf8.2/RPMS/man-1.5j-4.1mdk.i586.rpm 29838905428ab9f75fe06882010a5357 mnf8.2/SRPMS/man-1.5j-4.1mdk.src.rpm
9.1 i586
5c8df874431af0e945be6d7df3a6364e ppc/9.1/RPMS/man-1.5k-8.1mdk.ppc.rpm 961c191112d1c0c6059e97fd292d56e9 ppc/9.1/SRPMS/man-1.5k-8.1mdk.src.rpm
8.2 i586
d4defc9d7ef42312b82aab960120c6e6 ppc/8.2/RPMS/man-1.5j-4.1mdk.ppc.rpm 29838905428ab9f75fe06882010a5357 ppc/8.2/SRPMS/man-1.5j-4.1mdk.src.rpm