ID CVE-2006-4250
Summary Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag.
References
Vulnerable Configurations
  • Debian Debian Linux 3.1
    cpe:2.3:o:debian:debian_linux:3.1
  • cpe:2.3:o:debian:debian_linux:3.1:-:alpha
  • cpe:2.3:o:debian:debian_linux:3.1:-:amd64
  • cpe:2.3:o:debian:debian_linux:3.1:-:arm
  • cpe:2.3:o:debian:debian_linux:3.1:-:hppa
  • cpe:2.3:o:debian:debian_linux:3.1:-:ia-32
  • cpe:2.3:o:debian:debian_linux:3.1:-:ia-64
  • cpe:2.3:o:debian:debian_linux:3.1:-:m68k
  • cpe:2.3:o:debian:debian_linux:3.1:-:mips
  • cpe:2.3:o:debian:debian_linux:3.1:-:mipsel
  • cpe:2.3:o:debian:debian_linux:3.1:-:ppc
  • cpe:2.3:o:debian:debian_linux:3.1:-:s-390
  • cpe:2.3:o:debian:debian_linux:3.1:-:sparc
  • cpe:2.3:o:debian:debian_linux:3.1:r1
CVSS
Base: 4.6 (as of 10-04-2007 - 14:28)
Impact:
Exploitability:
Access
  • Vector LOCAL
  • Complexity LOW
  • Authentication NONE
Impact
  • Confidentiality PARTIAL
  • Integrity PARTIAL
  • Availability PARTIAL
exploit-db via4
description Man Command -H Flag Local Buffer Overflow Vulnerability. CVE-2006-4250. Local exploit for linux platform
id EDB-ID:29822
last seen 2016-02-03
modified 2007-04-06
published 2007-04-06
reporter Daniel Roethlisberger
source https://www.exploit-db.com/download/29822/
title Man Command -H Flag Local Buffer Overflow Vulnerability
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1278.NASL
    description A buffer overflow has been discovered in the man command that could allow an attacker to execute code as the man user by providing specially crafted arguments to the -H flag. This is likely to be an issue only on machines with the man and mandb programs installed setuid.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 25012
    published 2007-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25012
    title Debian DSA-1278-1 : man-db - buffer overflow
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MAN-3100.NASL
    description A heap-based buffer overflow in the 'man' command could potentially be exploited by users to run code as root (CVE-2006-4250).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27345
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27345
    title openSUSE 10 Security Update : man (man-3100)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MAN-3101.NASL
    description A heap-based buffer overflow in the 'man' command could potentially be exploited by users to run code as root. (CVE-2006-4250)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29520
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29520
    title SuSE 10 Security Update : man (ZYPP Patch Number 3101)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_11492.NASL
    description A heap-based buffer overflow in the 'man' command could potentially be exploited by users to run code as root. (CVE-2006-4250)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41126
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41126
    title SuSE9 Security Update : man (YOU Patch Number 11492)
refmap via4
bid 23355
debian DSA-1278
secunia
  • 24801
  • 24828
  • 24995
suse SUSE-SR:2007:007
vupen
  • ADV-2007-1294
  • ADV-2007-1295
xf mandb-hflag-bo(33508)
Last major update 07-03-2011 - 21:40
Published 10-04-2007 - 14:19
Last modified 19-07-2017 - 21:32