Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-102919. PoCs published by V9.
AI-analyzed exploit summary This exploit leverages a format string vulnerability in the `man` utility (v1.5l and below) by manipulating the NLSPATH/LANG environment variables to execute arbitrary shellcode with elevated privileges (setgid 'man'). The attack involves crafting a malicious catalog file and aligning environment variables to overwrite memory addresses.
Description
Man 1.5.1 - Catalog File Format String
Exploits (1)
This exploit leverages a format string vulnerability in the `man` utility (v1.5l and below) by manipulating the NLSPATH/LANG environment variables to execute arbitrary shellcode with elevated privileges (setgid 'man'). The attack involves crafting a malicious catalog file and aligning environment variables to overwrite memory addresses.