Bugtraq mailing list archives
Re: sperl 5.00503 (and newer ;) exploit
From: Paul Szabo <psz () MATHS USYD EDU AU>
Date: Tue, 8 Aug 2000 08:26:27 +1000
There have been some source patches posted. But what if you are too lazy (or busy) to re-build perl (or the person who built it is on holidays)? Use a binary editor to patch the suidperl binary, something like:

    cd /usr/local/bin
    cp -i suidperl suidperl.ORIG
    perl -pe 's/mail root/NOmailZZZ/' < suidperl.ORIG > suidperl
    chmod 4711 suidperl

(Your file may be named sperl or sperl5.6.0 or whatever, and permissions or ownership may vary. Beware.)

Looking for further problems, I checked 'strings suidperl' and it shows (besides the mail thing, and lots of irrelevant stuff):

    /usr/bin/csh
    /usr/bin/sed -e '1,/^#/d
    /bin/sh

Are these dangerous? Where (why) are they used?

Paul Szabo - psz () maths usyd edu au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia
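
Added example, not part of the original message: a shell function that checks a string patch like the one above is length-preserving and touches no other bytes before the patched copy replaces the setuid binary. The function name verify_patch and its argument order are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post).
# verify_patch ORIG PATCHED OLD NEW
# Returns 0 only if PATCHED differs from ORIG solely by OLD -> NEW.
verify_patch() {
    orig=$1 patched=$2 old=$3 new=$4

    # The replacement must be exactly as long as the original string,
    # otherwise every later offset in the executable shifts.
    [ "${#old}" -eq "${#new}" ] || { echo "length mismatch" >&2; return 1; }

    # File size must be unchanged.
    [ "$(wc -c < "$orig")" -eq "$(wc -c < "$patched")" ] ||
        { echo "size changed" >&2; return 1; }

    # Count occurrences of OLD in the original (-a: treat binary as text).
    hits=$( { LC_ALL=C grep -a -o -F -e "$old" "$orig" || true; } |
            wc -l | tr -d ' ')
    [ "$hits" -ge 1 ] || { echo "string not found in original" >&2; return 1; }

    # OLD must be gone from the patched copy.
    if LC_ALL=C grep -a -q -F -e "$old" "$patched"; then
        echo "old string still present" >&2
        return 1
    fi

    # cmp -l prints one line per differing byte. A clean patch changes
    # at most len(OLD) bytes per occurrence and nothing else.
    diffs=$( { cmp -l "$orig" "$patched" || true; } | wc -l | tr -d ' ')
    [ "$diffs" -le $((hits * ${#old})) ] ||
        { echo "unexpected bytes differ: $diffs" >&2; return 1; }
    return 0
}
```

Run as `verify_patch suidperl.ORIG suidperl 'mail root' 'NOmailZZZ'` before the chmod step; a non-zero return means the copy should not be installed.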