Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability

[jlewis () inorganic5 fdt net (Jon Lewis)]

On Sun, 30 Jun 1996, Andrew Liles wrote:

> >     Exactly which versions of perl are susceptible to this?  I tried
> > it using /usr/contrib/bin/perl on a BSD/OS 2.0 system as well as
> > /usr/bin/perl on FreeBSD 2.1/2.2 systems, and none gave a root shell.
>
> It seems to work on version 4 and 5 of suidperl. A regular non-suid perl
> does not have the vulnerability. So far, 3 machines that I have accounts
> on (all being linux boxes) have yielded root shells, but it seems that

I've tested perl 5.001 on Linux 1.2.x and IRIX 5.3 and gotten root.
Accounts on Solaris 2.5, AIX and BSDI 2.0 systems were not testable as the
Solaris and AIX ones had rm'd suidperl and the BSDI one had done a chmod
0000 suidperl...so I assume they were either vulnerable or just paranoid.

I didn't bother testing my linux 1.3.x or 2.0.0 boxes, but assumed they
were vulnerable and upgraded them all to 5.003.

------------------------------------------------------------------
 Jon Lewis                      |  Mime attachments are OK
 jlewis () inorganic5 fdt net      |  But please ask before sending
 http://inorganic5.fdt.net      |  unsolicited huge files.
________Finger jlewis () inorganic5 fdt net for PGP public key_______