[2846] in bugtraq
Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability
daemon@ATHENA.MIT.EDU (Michael Constant)
Sun Jun 30 13:32:27 1996
Date: Sun, 30 Jun 1996 06:37:56 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Michael Constant <mconst@typhoon-ether.Berkeley.EDU>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
> Exactly which versions of perl are susceptible to this? I tried
> it using /usr/contrib/bin/perl on a BSD/OS 2.0 system as well as
> /usr/bin/perl on FreeBSD 2.1/2.2 systems, and none gave a root shell.
Any copy of perl which is setuid root (they're typically named "sperl*"
or "suidperl"). The exploit does work on my FreeBSD 2.1.0-RELEASE system.
- Michael Constant
