Slackware Malicious Manual Page Cache File Creation Vulnerability

Slackware Linux contains a configuration error that enables local users to create files in the directory used by the system manual pager ('man') for cache files.

Due to the behaviour of the 'man' program, it may be possible for an attacker to create a malicious cache file causing the execution of arbitrary code when another user views a manual page corresponding to that cache file.


 

Privacy Statement
Copyright 2010, SecurityFocus