Vulnerability Information List: bugtraq Subject: SuSe / Debian man package format string vulnerability From: Joao Gouveia Date: 2001-01-31 14:22:01 Description: - The SuSe Linux man package (versions 6.1 through 7.0) has a format string vulnerability. - Debian 2.2r2 has the same vulnerability. - The vulnerability is known but overlooked. Reference: - Discussing in vuln-dev on 2001-01-26: http://www.securityfocus.com/templates/archive.pike&end=2001-01-27&tid=158724&fromthread=0&start=2001-01-21&threads=1&list=82&) Proof of Concept: - Author: Joao Gouveia Contact: tharbad@kaotik.org Acknowledgments: Posted on SUSE and Debian security lists.