[VIM] man2web mess

security curmudgeon jericho at attrition.org
Tue Sep 20 21:20:34 EDT 2005


man2web allows remote attackers to execute arbitrary commands via -P 


BID doesn't reference anything remotely (other than vendor home page) but 
credits "tracewar".

Three exploit URLs and relevant text:
Man-cgi/Man2web/ManViewer Remote Command Execution Exploit
Exploit coded and bugs found by tracewar of DarkLogic
[+] Man2web (ALL VERSIONS)
[+] ManViewer (ALL VERSIONS)
targets: 0=Man-cgi 1=man2web 2=Man2html

x86/linux multipie man2web cgi-scripts remote command spawn
targets: \n0=man-cgi\n1=man2web\n2=man2html

(same as above)

So the confusion comes in: what are the products vs vulnerable scripts?

First URL suggests Man2web and ManViewer are two products, and man-cgi, 
man2web and man2html are the scripts. But it also suggests ManViewer may 
be a script or product as the first line mentions two scripts and 
manviewer in the same line:

Man-cgi/Man2web/ManViewer Remote Command Execution Exploit
[+] ManViewer (ALL VERSIONS)
