[19021] in bugtraq
Re: SuSe / Debian man package format string vulnerability
daemon@ATHENA.MIT.EDU (Andreas Ferber)
Mon Feb 5 20:22:35 2001
Message-ID: <20010205204009.C22148@kallisto.home>
Date: Mon, 5 Feb 2001 20:40:09 +0100
Reply-To: Andreas Ferber <aferber@TECHFAK.UNI-BIELEFELD.DE>
From: Andreas Ferber <aferber@TECHFAK.UNI-BIELEFELD.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <3A7E8FD7.FF012EF3@hushmail.com>; from johns@HUSHMAIL.COM on Mon,
Feb 05, 2001 at 06:34:47AM -0500

Hi,

On Mon, Feb 05, 2001 at 06:34:47AM -0500, John wrote:
> On my Debian 2.2 system 'man' was installed
> suid root. I don't know about Debian 2.3 but,
> Debian 2.2 does install 'man' suid root.

No, this is not true:

$ ls -la /usr/lib/man-db/man
-rwsr-xr-x 1 man root 82848 Apr 4 2000 /usr/lib/man-db/man
$

This is the actual man binary (/usr/bin/man is only a wrapper, did not
examine closer what it does, but it has no setu/gid bit set), after a
plain Debian 2.2 potato install.

Andreas
-- 
After the last of 16 mounting screws has been removed from an access
cover, it will be discovered that the wrong access cover has been removed.
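
The distinction the message draws, a set-uid bit that grants the file owner's identity (here `man`) rather than root's, can be checked mechanically when auditing set-uid binaries. The following is an added example, not part of the original message; the function names `classify_ls_line` and `classify_path` are assumptions made for illustration.

```python
import os
import pwd
import stat


def classify_ls_line(line):
    """Classify one `ls -l` line: is the set-uid bit on, and for which owner?"""
    fields = line.split(None, 8)
    if len(fields) < 9 or len(fields[0]) < 10:
        raise ValueError("not an ls -l line: %r" % line)
    mode, owner, path = fields[0], fields[2], fields[8]
    # 's' = set-uid with owner execute, 'S' = set-uid without owner execute
    suid = mode[3] in "sS"
    return {
        "path": path,
        "setuid": suid,
        "runs_as": owner if suid else None,
        # ls -n prints numeric ids, so accept "0" as well as "root"
        "setuid_root": suid and owner in ("root", "0"),
    }


def classify_path(path):
    """Same classification from the file's inode rather than ls output."""
    st = os.stat(path)
    suid = bool(st.st_mode & stat.S_ISUID)
    try:
        owner = pwd.getpwuid(st.st_uid).pw_name
    except KeyError:  # uid without a passwd entry
        owner = str(st.st_uid)
    return {
        "path": path,
        "setuid": suid,
        "runs_as": owner if suid else None,
        "setuid_root": suid and st.st_uid == 0,
    }


# The ls line quoted in the message above.
MAN_DB_LINE = "-rwsr-xr-x 1 man root 82848 Apr 4 2000 /usr/lib/man-db/man"

if __name__ == "__main__":
    print(classify_ls_line(MAN_DB_LINE))
    for candidate in ("/usr/lib/man-db/man", "/usr/bin/man"):
        if os.path.exists(candidate):
            print(classify_path(candidate))
```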