VULHUB ™

Internet Security Systems Security Advisory - GNU Groff utilities read untrusted commands from the current working directory. This vulnerability takes advantage of "troff" and "groff", the front-end for troff. The use of "troff" does not restrict the searchable path while "groff" can be manipulated into running a dangerous command or file outside of the normal path. Unsuspecting users, including root, could be tricked into running arbitrary commands on the system.

Internet Security Systems Security Advisory - GNU Groff utilities read untrusted commands from the current working directory. This vulnerability takes advantage of "troff" and "groff", the front-end for troff. The use of "troff" does not restrict the searchable path while "groff" can be manipulated into running a dangerous command or file outside of the normal path. Unsuspecting users, including root, could be tricked into running arbitrary commands on the system.