Re: man bugs might lead to root compromise (RH 6.1 and other

From: Michal Zalewski (lcamtufat_private)
Date: Mon Feb 28 2000 - 00:01:56 PST

Next message: Christophe GRENIER: "Re: Scorpion Marlin"

Previous message: Theo de Raadt: "Re: SSH & xauth"
Next in thread: H D Moore: "Re: man bugs might lead to root compromise (RH 6.1 and other"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 27 Feb 2000, H D Moore wrote:

> Hi,
>
> I could not reproduce this on a SuSE 6.2 system running:
>
> man, version 2.3.10, db 2.3.1, July 12th, 1995
> (G.Wilfordat_private)
>
> My copy is setgid man and I also subjected it to 4,8, and 20 kb buffers
> in every envrionment variable it uses without it flinching.

Try setting PAGER instead of MANPAGER - older man version used it.

_______________________________________________________
Michal Zalewski * [lcamtufat_private] <=> [AGS WAN SYSADM]
[dione.ids.pl SYSADM] <-> [http://lcamtuf.na.export.pl]
[+48 22 551 45 93] [+48 603 110 160] bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=

Next message: Christophe GRENIER: "Re: Scorpion Marlin"
Previous message: Theo de Raadt: "Re: SSH & xauth"
Next in thread: H D Moore: "Re: man bugs might lead to root compromise (RH 6.1 and other"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:37:41 PDT