Man Utility MANPL Environment Variable Buffer Overrun Vulnerability

Man Utility MANPL Environment Variable Buffer Overrun Vulnerability

It has been reported that the man utility may be prone to a buffer overrun condition, when handling environment variable data. The problem is said to occur due to insufficient bounds checking when handling data stored within the MANPL environment variables. As a result of this issue, a local attacker may be capable of executing arbitrary code with the privileges of man, typically setgid 'man'.