CVE-2003-0620 Information
Feb 14, 2021
cve
Description
Multiple buffer overflows in man-db 2.4.1 and earlier when installed setuid allow local users to gain privileges via (1) MANDATORY_MANPATH MANPATH_MAP and MANDB_MAP arguments to add_to_dirlist in manp.c (2) a long pathname to ult_src in ult_src.c (3) a long .so argument to test_for_include in ult_src.c (4) a long MANPATH environment variable or (5) a long PATH environment variable.
Reference
http://marc.info/?l=bugtraq&m=105951284512898&w=2 http://marc.info/?l=bugtraq&m=105960276803617&w=2 http://www.debian.org/security/2003/dsa-364
Share on: