[14063] in bugtraq
Re: man bugs might lead to root compromise (RH 6.1 and other
daemon@ATHENA.MIT.EDU (Michal Zalewski)
Mon Feb 28 14:08:08 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.21.0002280901120.2162-100000@dione.ids.pl>
Date: Mon, 28 Feb 2000 09:01:56 +0100
Reply-To: Michal Zalewski <lcamtuf@DIONE.IDS.PL>
From: Michal Zalewski <lcamtuf@DIONE.IDS.PL>
X-To: H D Moore <hdm@secureaustin.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <38BA0428.E626D348@secureaustin.com>
On Sun, 27 Feb 2000, H D Moore wrote:
> Hi,
>
> I could not reproduce this on a SuSE 6.2 system running:
>
> man, version 2.3.10, db 2.3.1, July 12th, 1995
> (G.Wilford@ee.surrey.ac.uk)
>
> My copy is setgid man and I also subjected it to 4,8, and 20 kb buffers
> in every envrionment variable it uses without it flinching.
Try setting PAGER instead of MANPAGER - older man version used it.
_______________________________________________________
Michal Zalewski * [lcamtuf@ags.pl] <=> [AGS WAN SYSADM]
[dione.ids.pl SYSADM] <-> [http://lcamtuf.na.export.pl]
[+48 22 551 45 93] [+48 603 110 160] bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=
