Format String Vulnerability in man Utility on Linux Distributions
CVE-2001-0193

Currently unrated

Key Information:

Vendor: Debian
Status: Debian Linux; Suse Linux
Vendor: CVE Published:; 3 May 2001

Summary

A format string vulnerability exists in the man utility across certain Linux distributions, allowing local users to exploit malformed parameters. Specifically, the -l option can be manipulated to execute arbitrary code with elevated privileges. This security weakness could enable unauthorized users to gain higher access levels, presenting a significant risk if unpatched.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/6059

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=98096782126481&w=2

mailing-listx_refsource_BUGTRAQ

http://www.debian.org/security/2001/dsa-028

vendor-advisoryx_refsource_DEBIAN

Timeline

Vulnerability published
May 3, 2001
Vulnerability Reserved
Mar 8, 2001