EIP-2026-102812

PRE-CVE

Debian 2.1/2.2 - Man Cache File Creation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102812. PoCs published by jenggo.

AI-analyzed exploit summary This exploit leverages a symlink redirection vulnerability in the 'man' program to cache malicious files outside the intended directory hierarchy, leading to local privilege escalation. It manipulates the PATH and exploits the 'mandb' utility to execute arbitrary code with elevated privileges.

Description

Debian 2.1/2.2 - Man Cache File Creation

Exploits (1)

exploitdb WORKING POC VERIFIED

by jenggo · bashlocallinux

https://www.exploit-db.com/exploits/20897

View Code ZIP pw:eip

This exploit leverages a symlink redirection vulnerability in the 'man' program to cache malicious files outside the intended directory hierarchy, leading to local privilege escalation. It manipulates the PATH and exploits the 'mandb' utility to execute arbitrary code with elevated privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: man-db <= 2.3.16-3, 2.3.17-3.2

No auth needed

Prerequisites: Local access to the system · Presence of vulnerable 'man-db' version · Executable binaries: groff, grotty, troff, gcc

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1204 - User Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026