• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Apple Mac OS X Perl Insecure Privilege Dropping Weakness

Apple Mac OS X's Perl is susceptible to an insecure privilege-dropping weakness. This issue is due to Perl's failure to correctly drop privileges. Presumably, the cause of this issue is a flaw in Perl's compilation options.

This vulnerability may allow attackers that exploit latent vulnerabilities in Perl applications to gain elevated privileges, increasing the potential for damage. The exact impact of exploitation depends on the specific use and implementation of the privilege-dropping facilities in affected Perl applications.

Mac OS X version 10.3.9 is reported vulnerable to this issue. Other versions may also be affected.