Nom du paquet
man
Date
2003-05-06
Advisory ID
MDKSA-2003:054
Affected versions
9.1 i586 , CS2.1 x86_64 , CS2.1 i586 , 9.0 i586 , 8.2 i586 , MNF8.2 i586 , 9.1 i586 , 8.2 i586

Problem description

A difficult to exploit vulnerability was discovered in versions of man prior to 1.5l. A bug exists in man that could cause a program named "unsafe" to be executed due to a malformed man file. In order to exploit this bug, a local attacker would have to be able to get another user to read the malformed man file, and the attacker would also have to create a file called "unsafe" that would be located somewhere in the victim's path.

Updated packages

9.1 i586

 7ba3b8c8db57f51af6d22ed568c226e0  9.1/RPMS/man-1.5k-8.1mdk.i586.rpm
961c191112d1c0c6059e97fd292d56e9  9.1/SRPMS/man-1.5k-8.1mdk.src.rpm

CS2.1 x86_64

 0d641e78c0aaca71e5b6c1661c989beb  x86_64/corporate/2.1/RPMS/man-1.5k-2.1mdk.x86_64.rpm
ed2d05a401cd4dac5f33a92a24349e48  x86_64/corporate/2.1/SRPMS/man-1.5k-2.1mdk.src.rpm

CS2.1 i586

 9084b56436327c9fc11c462cec78028b  corporate/2.1/RPMS/man-1.5k-2.1mdk.i586.rpm
ed2d05a401cd4dac5f33a92a24349e48  corporate/2.1/SRPMS/man-1.5k-2.1mdk.src.rpm

9.0 i586

 9084b56436327c9fc11c462cec78028b  9.0/RPMS/man-1.5k-2.1mdk.i586.rpm
ed2d05a401cd4dac5f33a92a24349e48  9.0/SRPMS/man-1.5k-2.1mdk.src.rpm

8.2 i586

 f3c74c1407535520c36b7559ae7783eb  8.2/RPMS/man-1.5j-4.1mdk.i586.rpm
29838905428ab9f75fe06882010a5357  8.2/SRPMS/man-1.5j-4.1mdk.src.rpm

MNF8.2 i586

 f3c74c1407535520c36b7559ae7783eb  mnf8.2/RPMS/man-1.5j-4.1mdk.i586.rpm
29838905428ab9f75fe06882010a5357  mnf8.2/SRPMS/man-1.5j-4.1mdk.src.rpm

9.1 i586

 5c8df874431af0e945be6d7df3a6364e  ppc/9.1/RPMS/man-1.5k-8.1mdk.ppc.rpm
961c191112d1c0c6059e97fd292d56e9  ppc/9.1/SRPMS/man-1.5k-8.1mdk.src.rpm

8.2 i586

 d4defc9d7ef42312b82aab960120c6e6  ppc/8.2/RPMS/man-1.5j-4.1mdk.ppc.rpm
29838905428ab9f75fe06882010a5357  ppc/8.2/SRPMS/man-1.5j-4.1mdk.src.rpm

References