[VIM] man2web mess

Steven M. Christey coley at linus.mitre.org
Thu Sep 22 01:04:04 EDT 2005


On Tue, 20 Sep 2005, security curmudgeon wrote:

> So the confusion comes in: what are the products vs vulnerable scripts?
>
> First URL suggests Man2web and ManViewer are two products, and man-cgi,
> man2web and man2html are the scripts. But it also suggests ManViewer may
> be a script or product as the first line mentions two scripts and
> manviewer in the same line:

My read is that man2web is the product.  From the exploit:

  x86/linux multipie man2web cgi-scripts remote command spawn

The man-cgi, man2web, and man2html "targets" are discriminated based on
how the "-P" argument is appended to the /cgi-bin/man-cgi URL, suggesting
to me that man-cgi is the binary, but under the hood there are multiple
programs that are launched.

But then again I just downloaded an old (2003) copy of "man2web" 0.88 and
a grep for man2html failed.

A grab of "ManViewer" 0.9 from 2000 didn't help much, although it appears
to call man2html but there's nothing for man2web.

hmmmmmmmmmmmmmm

Wonder if this exploit was tested on some custom installation.

a mess, indeed...

- Steve

