[20679] in bugtraq
Re: RH7.0: man local gid 15 (man) exploit
daemon@ATHENA.MIT.EDU (Stephen Shirley)
Wed May 16 18:38:51 2001
Date: Wed, 16 May 2001 18:06:12 +0100 (IST)
From: Stephen Shirley <diamond@skynet.ie>
To: Bugtraq Mailing List <bugtraq@securityfocus.com>
Message-ID: <Pine.LNX.4.32.0105161802130.26654-100000@skynet>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Hi,
The info posted to get man to seg fault is slightly incorrect. You
need to supply some text as the name of a man page - otherwise man will
reject all input. The number of :'s is irrelevat too - one is enough.
man -S : blah
will cause a seg fault. This has been confirmed on debian 2.2 woody, and I
submitted a patch to fix it. The new version is in unstable - ver
2.3.18-2. From the changelog of 2.3.18-2:
* man would segfault if the argument to -S contained only colons, and
incidentally treated an empty argument to -S wrongly. Both cases now
use the standard list of sections instead (thanks, Colin Phipps and
Stephen Shirley; closes: #97553, #97566).
Steve
--
"My mom had Windows at work and it hurt her eyes real bad"
