On Sun, May 13, 2001 at 08:07:34PM -0000, zenith parsec wrote: > ======================================================== > Vulnerable systems: redhat 7.0 with man-1.5h1-10 (default > package) and earlier. > ========================================================= > Heap Based Overflow of man via -S option gives GID man. Caldera OpenLinux is not vulnerable to this problem. Our man-1.5 package comes with a patch that forks off a "cache manager" thread that puts formatted pages into /var/catman, while the man application itself continues in the foreground without any privilege. Olaf -- Olaf Kirch | --- o --- Nous sommes du soleil we love when we play okirat_private | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax okirat_private +-------------------- Why Not?! ----------------------- UNIX, n.: Spanish manufacturer of fire extinguishers.
This archive was generated by hypermail 2b30 : Tue May 15 2001 - 00:51:46 PDT