[16530] in bugtraq
[security@slackware.com: [slackware-security] Perl root exploit
daemon@ATHENA.MIT.EDU (White Vampire)
Mon Sep 4 00:01:58 2000
Mail-Followup-To: White Vampire <whitevampire@mindless.com>,
bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="D6z0c4W1rkZNF4Vu"
Content-Disposition: inline
Message-ID: <20000903151244.G4272@nirvana>
Date: Sun, 3 Sep 2000 15:12:44 -0400
Reply-To: whitevampire@mindless.com
From: White Vampire <whitevampire@mindless.com>
To: BUGTRAQ@SECURITYFOCUS.COM
--D6z0c4W1rkZNF4Vu
Content-Type: multipart/mixed; boundary="Yia77v5a8fyVHJSl"
Content-Disposition: inline
--Yia77v5a8fyVHJSl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I had fixed this manually, as have a lot of
people. Nevertheless, this should still be of interest.
Regards,
--=20
__ ______ ____
/ \ / \ \ / / White Vampire\Rem
\ \/\/ /\ Y / http://www.projectgamma.com/
\ / \ / http://www.webfringe.com/
\__/\ / \___/ http://www.gammaforce.org/
\/ "Silly hacker, root is for administrators."
--Yia77v5a8fyVHJSl
Content-Type: message/rfc822
Content-Disposition: inline
Return-Path: <owner-slackware-security@connie.slackware.com>
Delivered-To: whitvamp@localhost
Received: (qmail 9238 invoked from network); 3 Sep 2000 01:04:14 -0000
Received: from localhost (127.0.0.1)
by localhost with SMTP; 3 Sep 2000 01:04:14 -0000
Delivered-To: whitvamp@monolith.projectgamma.com
Received: from monolith.projectgamma.com [216.226.17.243]
by localhost with POP3 (fetchmail-5.4.4)
for whitvamp@localhost (single-drop); Sat, 02 Sep 2000 21:04:14 -0400 (EDT)
Received: (qmail 1539 invoked from network); 2 Sep 2000 21:53:43 -0000
Received: from lmtp07.iname.net (HELO smv18.iname.net) (165.251.8.71)
by monolith.projectgamma.com with SMTP; 2 Sep 2000 21:53:43 -0000
Received: from connie.slackware.com (connie.slackware.com [204.216.27.13])
by smv18.iname.net (8.9.3/8.9.1SMV2) with ESMTP id UAA07787;
Sat, 2 Sep 2000 20:54:13 -0400 (EDT)
Received: (from daemon@localhost)
by connie.slackware.com (8.9.3/8.9.3) id PAA16487
for slackware-security-outgoing; Sat, 2 Sep 2000 15:59:28 -0700
Received: from localhost (security@localhost)
by connie.slackware.com (8.9.3/8.9.3) with ESMTP id PAA16484
for <slackware-security@slackware.com>; Sat, 2 Sep 2000 15:59:26 -0700
Date: Sat, 2 Sep 2000 15:59:25 -0700 (PDT)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] Perl root exploit in Slackware 7.1 & -current
Message-ID: <Pine.LNX.4.10.10009021557500.16479-100000@connie.slackware.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-slackware-security@slackware.com
Precedence: bulk
Reply-To: Slackware Security Team <security@slackware.com>
A root exploit was found in the /usr/bin/suidperl5.6.0 program that
shipped with the Slackware 7.1 perl.tgz package.
It is recommended that all users of Slackware 7.1 (and -current) upgrade
to the perl.tgz package available in the Slackware -current branch.
====================================
perl 5.6.0 AVAILABLE - (d1/perl.tgz)
====================================
The root exploit in /usr/bin/suidperl5.6.0 has been patched. Hack
attempts are now logged to /var/log/syslog. The new perl.tgz
package is available from:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/d1/
Here are the md5sums and checksums for the packages:
1027099174 6464627 ./perl.tgz
0dfc1c46e3dd22033850fc69928588ec ./perl.tgz
INSTALLATION INSTRUCTIONS FOR THE perl.tgz PACKAGE:
---------------------------------------------------
If you have downloaded the new perl.tgz package, you should bring
the system into runlevel 1 and run upgradepkg on it:
# telinit 1
# upgradepkg perl.tgz
# telinit 3
Remember, it's also a good idea to backup configuration files before
upgrading packages.
- Slackware Linux Security Team
http://www.slackware.com
--Yia77v5a8fyVHJSl--
--D6z0c4W1rkZNF4Vu
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5sqKs3+rxmnEDyl8RAi9GAJ9zB0NeWSp0n/pKZI9CTPObP0b5pQCeL//d
8OZrS4gz2WjPq9Mp8UhQFvU=
=MR16
-----END PGP SIGNATURE-----
--D6z0c4W1rkZNF4Vu--
