What Are You Looking For?

Sign Up

- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200306-06
- - ---------------------------------------------------------------------

          PACKAGE : man
          SUMMARY : format string exploit
             DATE : 2003-06-14 16:40 UTC
          EXPLOIT : local
VERSIONS AFFECTED : =man-1.5l-r5
              CVE :

- - ---------------------------------------------------------------------

from advisory:
"man v1.5l, and below, contain a format string vulnerability.
the vulnerability occurs when man uses an optional catalog file, supplied
by the NLSPATH/LANG environmental variables."

Read the full advisory at 
https://marc.theaimsgroup.com/?l=bugtraq&m=105474717920585&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
sys-apps/man upgrade to man-1.5l-r5 as follows

emerge sync
emerge man
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

Gentoo: man Format string vulnerability

man v1.5l, and below, contain a format string vulnerability.the vulnerability occurs when man uses an optional catalog file, suppliedby the NLSPATH/LANG environmental variables.

Summary


- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200306-06
- - ---------------------------------------------------------------------

- - ---------------------------------------------------------------------

from advisory:
"man v1.5l, and below, contain a format string vulnerability.
the vulnerability occurs when man uses an optional catalog file, supplied
by the NLSPATH/LANG environmental variables."

Read the full advisory at 
https://marc.theaimsgroup.com/?l=bugtraq&m=105474717920585&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
sys-apps/man upgrade to man-1.5l-r5 as follows

emerge sync
emerge man
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

Resolution

References

Availability

Concerns

Severity
PACKAGE : man
SUMMARY : format string exploit
DATE : 2003-06-14 16:40 UTC
EXPLOIT : local
VERSIONS AFFECTED : =man-1.5l-r5
CVE :

Synopsis

Background

Affected Packages

Impact

Workaround

Related News

From Heartbleed to Now: Evolving Threats in OpenSSL and How to Guard Against Them

Nov 17, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

Severe Chromium Bug Threatens Sensitive Data, System Availability

Nov 13, 2023

News

Advisories

HOWTOs

Features

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses

About Us

Powered By

Footer Logo