mandb in the man-db package prior to 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
progeny debian 1.0 |
||
debian debian linux 2.2 |