Bugtraq mailing list archives
Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd)
From: jdc () ISM NET (John-David Childs)
Date: Sun, 30 Jun 1996 21:58:04 -0600
On Sun, 30 Jun 1996, Kai wrote:
Brian Tao wrote:On Sun, 30 Jun 1996, Dan Polivy wrote:On a BSD/OS 2.0 system, running the script produces "Can't swap uid and euid.". The exploit works on my FreeBSD systems from 2.1R through to 2.2-960501-SNAP. 2.2-960612-SNAP appears to have already fixed the problem. I imagine the recent 2.1.5 snapshots are not vulnerable either, but I haven't had a chance to verify. --execution on my system results in a 'Insecure PATH at ./blah line 3.' , no matter what program exec is calling in the exploit script. Why is that ?
Try #!/usr/bin/suidperl -U (you probably don't have -U) As others have stated, 2.1-STABLE proved vulnerable on my system, but BSDi 2.0/2.01 was not. -- John-David Childs www.marsweb.com/www.ism.net System Administrator Internet Services Montana (406)721-6277 & Network Engineer M@RSWeb - Montana's PREMIER Web Site "I used up all my sick days....so I'm calling in dead"
Current thread:
- Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) Brian Tao (Jun 30)
- <Possible follow-ups>
- Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) Kai (Jun 30)
- Re: BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) John-David Childs (Jun 30)