Re: RH7.0: man local gid 15 (man) exploit

From: Stephen Shirley (diamondat_private)
Date: Wed May 16 2001 - 10:06:12 PDT

Next message: Adriano Dias: "RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability]"

Previous message: Matt Rudge: "RE: About the new IIS %252c bug."
Maybe in reply to: zenith parsec: "RH7.0: man local gid 15 (man) exploit"
Reply: PJ: "Re: RH7.0: man local gid 15 (man) exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
	The info posted to get man to seg fault is slightly incorrect. You
need to supply some text as the name of a man page - otherwise man will
reject all input. The number of :'s is irrelevat too - one is enough.

man -S : blah
will cause a seg fault. This has been confirmed on debian 2.2 woody, and I
submitted a patch to fix it. The new version is in unstable - ver
2.3.18-2. From the changelog of 2.3.18-2:

  * man would segfault if the argument to -S contained only colons, and
    incidentally treated an empty argument to -S wrongly. Both cases now
    use the standard list of sections instead (thanks, Colin Phipps and
    Stephen Shirley; closes: #97553, #97566).

Steve
-- 
"My mom had Windows at work and it hurt her eyes real bad"

Next message: Adriano Dias: "RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability]"
Previous message: Matt Rudge: "RE: About the new IIS %252c bug."
Maybe in reply to: zenith parsec: "RH7.0: man local gid 15 (man) exploit"
Reply: PJ: "Re: RH7.0: man local gid 15 (man) exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 16 2001 - 16:44:23 PDT