Debian Security Advisory

sperl -- local root exploit

Date Reported:
undated
Affected Packages:
perl-suid
Vulnerable:
Yes
Security database references:
CERT's vulnerabilities, advisories and incident notes: CA-1997-17.
More information:
Users can gain root access with suidperl version 5.003.

If called with crafted parameters, a buffer overflow condition in suidperl could allow a user to execute arbitrary commands as root.

Unpatched versions of suidperl (sperl) 4.n and 5.n prior to 5.004, are vulnerable.

Fixed in:
Intel - (in release 1.1) 5.003.07-10