SuidPerl Mail Shell Escape Vulnerability

Bugtraq ID: 1547
Class: Environment Error
CVE:
Remote: No
Local: Yes
Published: Aug 07 2000 12:00AM
Updated: Aug 07 2000 12:00AM
Credit: This vulnerability was discovered by Sebastian Krahmer <krahmer@cs.uni-potsdam.de> and Michal Zalewski <lcamtuf@dione.ids.pl>.
Vulnerable: RedHat perl-5.00503-10.i386.rpm
+ Red Hat Linux 6.2
 RedHat perl-5.004m4-1.i386.rpm
+ RedHat Linux 5.2
RedHat mailx-8.1.1-5.i386.rpm
+ RedHat Linux 5.2
RedHat mailx-8.1.1-10.i386.rpm
+ Red Hat Linux 6.2
 Larry Wall Perl 5.6
+ Mandriva Linux Mandrake 7.1
Larry Wall Perl 5.0 05_003
+ Debian Linux 2.2 sparc
 + Debian Linux 2.2 powerpc
 + Debian Linux 2.2 arm
 + Debian Linux 2.2 alpha
 + Debian Linux 2.2
+ Debian Linux 2.1 sparc
 + Debian Linux 2.1 alpha
 + Debian Linux 2.1 68k
 + Debian Linux 2.1
+ Mandriva Linux Mandrake 7.0
+ Mandriva Linux Mandrake 6.1
+ Mandriva Linux Mandrake 6.0
+ RedHat Linux 6.2 E sparc
 + RedHat Linux 6.2 E i386
 + RedHat Linux 6.2 E alpha
 + RedHat Linux 6.2 sparc
 + RedHat Linux 6.2 i386
 + RedHat Linux 6.2 alpha
 + RedHat Linux 6.1 sparc
 + RedHat Linux 6.1 i386
 + RedHat Linux 6.1 alpha
 + RedHat Linux 6.0 sparc
 + RedHat Linux 6.0 alpha
 + RedHat Linux 6.0
+ SCO eDesktop 2.4
+ SCO eServer 2.3
+ Trustix Trustix Secure Linux 1.1
+ Turbolinux Turbolinux 6.0.4
+ Turbolinux Turbolinux 6.0.3
+ Turbolinux Turbolinux 6.0.2
+ Turbolinux Turbolinux 6.0.1
+ Turbolinux Turbolinux 6.0
+ Turbolinux Turbolinux 4.4
+ Turbolinux Turbolinux 4.2
+ Turbolinux Turbolinux 4.0
Larry Wall Perl 5.0 05
Larry Wall Perl 5.0 04_05
+ RedHat Linux 5.2 sparc
 + RedHat Linux 5.2 i386
 + RedHat Linux 5.2 alpha
 + RedHat Linux 5.1
+ RedHat Linux 5.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus