Vulnerability Development mailing list archives

Re: Some work needed


From: White Vampire <whitevampire () mindless com>
Date: Tue, 8 Aug 2000 12:32:48 -0400

On Sun, Aug 06, 2000 at 07:15:15PM -0500, Jonathan Leto(jonathan () leto net) wrote:
: Is there any suggested fix for this and have the perl people been notified?

        There are all sorts of suggested fixes.  First of all, simply
remove the SUID bit from /usr/bin/suidperl*.

        If you really need to keep the SUID bit you can use a binary
replace as an adequate fix as suggested by Paul Szabo on Bugtraq:

  cd /usr/local/bin
  cp -i suidperl suidperl.ORIG
  perl -pe 's/mail root/NOmailZZZ/' < suidperl.ORIG > suidperl
  chmod 4711 suidperl

        One of those two fixes should suit your needs.  I suggest
reading the Bugtraq archive at http://www.securityfocus.com/ for more
information.

Regards,
-- 
    __      ______   ____
   /  \    /  \   \ /   / White Vampire\Rem
   \   \/\/   /\   Y   /  http://www.projectgamma.com/
    \        /  \     /   http://www.webfringe.com/
     \__/\  /    \___/    http://www.gammaforce.org/
          \/ "Silly hacker, root is for administrators."
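
An audit sketch for the two fixes described in the message above, added here as an example; it is not part of the original post or of the Bugtraq suggestion it quotes. The function names are hypothetical, and it assumes a grep that supports -a (GNU or BSD).

```shell
#!/bin/sh
# Added example (not from the original post): audit suidperl copies against
# the two mitigations described above. All function names are hypothetical.

# 0 if the literal string targeted by the binary replace is still present.
has_marker() {
    LC_ALL=C grep -a -q -F 'mail root' "$1"
}

# Print one status word for FILE:
#   missing        - no such regular file
#   suid-removed   - set-user-ID bit is off (first mitigation)
#   suid-patched   - still SUID, "mail root" string no longer present
#   suid-unpatched - still SUID and the string is present
suidperl_status() {
    if [ ! -f "$1" ]; then echo missing
    elif [ ! -u "$1" ]; then echo suid-removed
    elif has_marker "$1"; then echo suid-unpatched
    else echo suid-patched
    fi
}

# 0 if PATCHED is a same-length edit of ORIG. "mail root" and "NOmailZZZ"
# are both 9 bytes and differ at every position, so a clean replace leaves
# the file size unchanged and alters a non-zero multiple of 9 bytes.
patch_is_inplace() {
    [ $(wc -c < "$1") -eq $(wc -c < "$2") ] || return 1
    changed=$(( $(cmp -l "$1" "$2" | wc -l) ))
    [ "$changed" -gt 0 ] && [ $((changed % 9)) -eq 0 ]
}

# Stand-alone use: report every path given on the command line.
for f in "$@"; do
    printf '%s\t%s\n' "$f" "$(suidperl_status "$f")"
done
```

Run it with the suidperl paths on the host as arguments; any path reported as suid-unpatched has had neither fix applied.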
