はてなブックマーク

A 10-year old root exploit was found in the Unix “man” program used for displaying system documentation. The “man trap exploit” is triggered when certain key combinations and escape sequences are triggered in malicious man pages, which would be able to use the screen buffer memory to replay login details. Infected man pages have been found in the core utilities of virtually every Linux and BSD dis