Privilege Escalation via Insecure chown in Man-db Cleanup Job

Privilege Escalation via Insecure chown in Man-db Cleanup Job

CVE-2015-1336 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.

Learn more about our Cis Benchmark Audit For Debian Linux.