Bugtraq mailing list archives
Re: man bugs might lead to root compromise (RH 6.1 and other boxes)
From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Mon, 28 Feb 2000 05:54:26 -0600
I tried PAGERas well as every other environment variable I could tell it read, no luck. The PAGER just gives me "AAAAAAAAA" ... "AA: Command not found." -HD Michal Zalewski wrote:
On Sun, 27 Feb 2000, H D Moore wrote:Hi, I could not reproduce this on a SuSE 6.2 system running: man, version 2.3.10, db 2.3.1, July 12th, 1995 (G.Wilford () ee surrey ac uk) My copy is setgid man and I also subjected it to 4,8, and 20 kb buffers in every envrionment variable it uses without it flinching.Try setting PAGER instead of MANPAGER - older man version used it. _______________________________________________________ Michal Zalewski * [lcamtuf () ags pl] <=> [AGS WAN SYSADM] [dione.ids.pl SYSADM] <-> [http://lcamtuf.na.export.pl] [+48 22 551 45 93] [+48 603 110 160] bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- Advisory: Foundry Networks ServerIron TCP/IP sequence predictability, (continued)
- Advisory: Foundry Networks ServerIron TCP/IP sequence predictability Andrew van der Stock (Feb 27)
- Zonealarm exports sensitive data Andrew Daviel (Feb 24)
- Re: Zonealarm exports sensitive data Brett Glass (Feb 25)
- Re: Zonealarm exports sensitive data Robert Graham (Feb 28)
- Re: Wordpad vulnerability, exploitable also in IE for Win9x Curtis Anderson, CNE, MCSE (Feb 25)
- Troj_Trinoo and ZZ Simple Nomad (Feb 25)
- man bugs might lead to root compromise (RH 6.1 and other boxes) Michal Zalewski (Feb 26)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Mark Whitis (Feb 27)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) H D Moore (Feb 27)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Michal Zalewski (Feb 28)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) H D Moore (Feb 28)
- DOS in TrendMicro OfficeScan Veille Technologique (Feb 28)
- TrendMicro OfficeScan tmlisten.exe DoS Jeff Stevens (Feb 25)
- Re: Troj_Trinoo and ZZ Simple Nomad (Feb 26)