CVE-2003-0645 Information

Description

man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file even when running setuid which could allow local users to gain privileges.

Reference

http://marc.info/?l=bugtraq&m=106018504800341&w=2 http://www.debian.org/security/2003/dsa-364 http://www.securityfocus.com/bid/8352 https://exchange.xforce.ibmcloud.com/vulnerabilities/12848