Test ID:	1.3.6.1.4.1.25623.1.0.50940
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2003:134
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2003:134. The man package includes tools for finding information and documentation about commands on a system. Versions of man before 1.51 have a bug where a malformed man file can cause a program named unsafe to be run. To exploit this vulnerability a local attacker would need to be able to get a victim to run man on a carefully crafted man file, and for the attacker to be able to create a file called unsafe that will be on the victim's default path. Users of man can upgrade to these erratum packages which contain a patch to correct this vulnerability. These erratum packages also contain fixes for a number of other bugs. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-134.html http://marc.theaimsgroup.com/?l=bugtraq&m=104740927915154 Risk factor : Medium CVSS Score: 4.6
Cross-Ref:	BugTraq ID: 7066 Common Vulnerability Exposure (CVE) ID: CVE-2003-0124 http://www.securityfocus.com/bid/7066 Bugtraq: 20030311 Vulnerability in man < 1.5l (Google Search) http://marc.info/?l=bugtraq&m=104740927915154&w=2 Conectiva Linux advisory: CLSA-2003:620 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000620 http://marc.info/?l=bugtraq&m=104802285112752&w=2 http://www.redhat.com/support/errata/RHSA-2003-133.html http://www.redhat.com/support/errata/RHSA-2003-134.html XForce ISS Database: man-myxsprintf-code-execution(11512) https://exchange.xforce.ibmcloud.com/vulnerabilities/11512
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.