Re: SuSe / Debian man package format string vulnerability

[Jose Nazario]

On Sun, 4 Feb 2001, Martin Schulze wrote:

> Please tell me what you gain from this.  man does not run setuid
> root/man but only setgid man.  So all you can exploit this to is a
> shell running under your ownl user ide.

sucker admins who m4 their sendmail.mc's as root, chiefly if you trick
them into processing an untrusted and untrustworthy .mc file.

____________________________
jose nazario                                                 [EMAIL PROTECTED]
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)