Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Connectiva CLA-2003:620: local vulnerability in man

Connectiva CLA-2003:620: local vulnerability in man

by Nikola Strahija on April 9th, 2003 A vulnerability has been found in the man package which, if exploited, could allow a local attacker to run arbitrary commands with the privileges of the user running man.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : man
SUMMARY : Local vulnerability
DATE : 2003-04-07 19:22:00
ID : CLA-2003:620
RELEVANT
RELEASES : 6.0, 7.0, 8

- -------------------------------------------------------------------------

DESCRIPTION
The man package, which includes the utilities man, apropos, and
whatis is used to read most of the documentation available on a Linux
system.

Jack Lloyd found[1] a local vulnerability in the man utility. Because
of a problem with a value returned by the my_xsprintf() function, man
could try to execute a program called "unsafe" when reading a manpage
file with certain characteristics. If an attacker can put a malicious
executable file called "unsafe" in the system PATH and let a user
open a specially created manpage, it could run arbitrary commands
with the privileges of this user.


SOLUTION
All users of the "man" package should upgrade.


REFERENCES:
1.http://www.securityfocus.com/archive/1/314700


UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/man-1.5l-1U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/man-1.5l-1U60_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/man-1.5l-1U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/man-1.5l-1U70_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/man-1.5l-1U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/man-1.5l-1U80_1cl.src.rpm


ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:

- run: apt-get update
- after that, execute: apt-get upgrade

Detailed instructions reagarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
Copyright 2003 (c) Conectiva Inc.
http://www.conectiva.com

- -------------------------------------------------------------------------
subscribe: [email protected]
unsubscribe: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+kfrW42jd0JmAcZARAhvvAKDBq7XJrgCvZsbTU+qJgkTHG6BRVACeInKP
2nGTlhBoOi5LvoOl8sOHWso=
=WOKC
-----END PGP SIGNATURE-----


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »