[11119] in bugtraq
Re: Troff dangerous.
daemon@ATHENA.MIT.EDU (John Robert LoVerso)
Sun Jul 25 17:19:43 1999
Message-Id: <199907251418.KAA05569@loverso.southborough.ma.us>
Date: Sun, 25 Jul 1999 10:18:20 -0400
Reply-To: John Robert LoVerso <john@LOVERSO.SOUTHBOROUGH.MA.US>
From: John Robert LoVerso <john@LOVERSO.SOUTHBOROUGH.MA.US>
X-To: Pawel Wilk <siewca@pld.org.pl>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Message from Pawel Wilk <siewca@DIONE.IDS.PL>
<19990723221642.A15331@szarik> .
This isn't a problem with "troff" or any of it's varients. Instead,
this is an exploit purely with "groff", the GNU reimplementation. Troff
doesn't have the file stream or ".pso" requests; those are purely part
of groff.
Thus, this affects only systems with groff installed (all Linux and FreeBSD
systems, at least).
John
