Debian: 'man-db' vulnerabilities

    Date: 08 May 2001
    Posted By: LinuxSecurity Advisories
    Ethan Benson found a bug in man-db packages as distributed in Debian GNU/Linux 2.2.
    Debian Security Advisory DSA-056-1                   Wichert Akkerman
    May  8, 2001
    Package        : man-db
    Problem type   : local file overwrite
    Debian-specific: no
    Ethan Benson found a bug in man-db packages as distributed in
    Debian GNU/Linux 2.2. man-db includes a mandb tool which is used to
    build an index of the manual pages installed on a system. When the -u or
    -c options were given on the command line to tell it to write its database
    to a different location, it failed to properly drop privileges before
    creating a temporary file. This makes it possible for an attacker to do
    a standard symlink attack to trick mandb into overwriting any file that
    is writable by uid man, which includes the man and mandb binaries.
    This has been fixed in version 2.3.16-3, and we recommend that you
    upgrade your man-db package immediately. If you use suidmanager
    you can also use that to make sure man and mandb are not installed
    suid which protects you from this problem. This can be done with the
    following commands:
      suidregister /usr/lib/man-db/man root root 0755
      suidregister /usr/lib/man-db/mandb root root 0755
    Of course even when using suidmanager an upgrade is still strongly
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    Debian GNU/Linux 2.2 alias potato
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
      These packages will be moved into the stable distribution on its next
    For not yet released architectures please refer to the appropriate
    directory$arch/ .
    apt-get: deb stable/updates main
    dpkg-ftp: dists/stable/updates/main