[VIM] man2web mess
Steven M. Christey
coley at linus.mitre.org
Thu Sep 22 01:04:04 EDT 2005
On Tue, 20 Sep 2005, security curmudgeon wrote:
> So the confusion comes in: what are the products vs vulnerable scripts?
> First URL suggests Man2web and ManViewer are two products, and man-cgi,
> man2web and man2html are the scripts. But it also suggests ManViewer may
> be a script or product as the first line mentions two scripts and
> manviewer in the same line:
My read is that man2web is the product. From the exploit:
x86/linux multipie man2web cgi-scripts remote command spawn
The man-cgi, man2web, and man2html "targets" are discriminated based on
how the "-P" argument is appended to the /cgi-bin/man-cgi URL, suggesting
to me that man-cgi is the binary, but under the hood there are multiple
programs that are launched.
But then again I just downloaded an old (2003) copy of "man2web" 0.88 and
a grep for man2html failed.
A grab of "ManViewer" 0.9 from 2000 didn't help much, although it appears
to call man2html but there's nothing for man2web.
Wonder if this exploit was tested on some custom installation.
a mess, indeed...