173919 – sys-apps/man-db < 2.4.4 local privilege escalation (CVE-2006-4250)

Bug 173919 - sys-apps/man-db < 2.4.4 local privilege escalation (CVE-2006-4250)

Summary: sys-apps/man-db < 2.4.4 local privilege escalation (CVE-2006-4250)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High trivial (vote)
Assignee:	Gentoo's Team for Core System packages

URL:	http://secunia.com/advisories/24801/
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2007-04-09 15:15 UTC by Pierre-Yves Rofes (RETIRED)
Modified:	2007-04-13 10:19 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Pierre-Yves Rofes (RETIRED) gentoo-dev

2007-04-09 15:15:13 UTC

Jochen Voß has reported a vulnerability in man-db, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to a boundary error if the "BROWSER" environment variable contains "%s" expansions. This can be exploited to cause a buffer overflow and may allow the execution of arbitrary code with escalated privileges.

Solution:
Update to version 2.4.4.

Comment 1 Pierre-Yves Rofes (RETIRED) gentoo-dev

2007-04-09 15:16:46 UTC

setting status.

Comment 2 SpanKY gentoo-dev

2007-04-13 10:14:51 UTC

no need for security to be involved as no one has ever stabled this package

Comment 3 SpanKY gentoo-dev

2007-04-13 10:19:22 UTC

2.4.4 now in portage