Bugtraq mailing list archives
Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd)
From: taob () IO ORG (Brian Tao)
Date: Sun, 30 Jun 1996 12:14:10 -0400
On Sun, 30 Jun 1996, Dan Polivy wrote:
Does /bin/bash exist on your system? Is the script setuid to anything? (It should have either the user or group +s, i think) It worked for me on my FreeBSD machines (2.1 and -stable)...
Small glitch on my mistake... I had tried the script as originally presented to me, with #!/usr/bin/perl. Changing that to suidperl alters the results (I thought perl automatically fed a setuid script to suidperl). On a BSD/OS 2.0 system, running the script produces "Can't swap uid and euid.". The exploit works on my FreeBSD systems from 2.1R through to 2.2-960501-SNAP. 2.2-960612-SNAP appears to have already fixed the problem. I imagine the recent 2.1.5 snapshots are not vulnerable either, but I haven't had a chance to verify. -- Brian Tao (BT300, taob () io org, taob () ican net) Systems and Network Administrator, Internet Canada Corp. "Though this be madness, yet there is method in't"
Current thread:
- Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) Brian Tao (Jun 30)
- <Possible follow-ups>
- Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) Kai (Jun 30)
- Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) John-David Childs (Jun 30)