15 May
2001
15 May
'01
09:02
Hi I have read this on the securityfocus
Heap Based Overflow of man via -S option gives GID man. Due to a slight error in a length check, the -S option to man can cause a buffer overflow on the heap, allowing redirection of execution into user supplied code.
man -S `perl -e 'print ":" x 100'`
redhat 7.0 with man-1.5h1-10 (default package) and earlier.
but running it on suse with man-2.3.10d69s-190 I also get the same thing $ man -S `perl -e 'print ":" x 100'` sometext Segmentation fault -- Togan Muftuoglu