Search CVE reports
1 – 3 of 3 results
CVE-2018-25078
Medium priorityman-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)
1 affected packages
man-db
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
man-db | — | Not affected | Not affected | Not affected | Not affected |
CVE-2015-1336
Low prioritySome fixes available 1 of 6
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
1 affected packages
man-db
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
man-db | Not affected | Not affected | Not affected | Not affected | Fixed |
CVE-2006-4250
Negligible prioritySome fixes available 9 of 11
Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag.
1 affected packages
man-db
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
man-db | — | — | — | — | — |