[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

(fwd) Security Update: sperl vulnerability

[Suidperl vulnerability fix update for Caldera, please upgrade -- Raju]

This is an RFC 1153 digest.
(1 message)

Approved-By: aleph1@xxxxxxxxxxxxxxxxx
Delivered-To: bugtraq@xxxxxxxxxxxxxxxxxxxxxxx
Received: from securityfocus.com (mail.securityfocus.com []) by
          lists.securityfocus.com (Postfix) with SMTP id B9E351F9E9 for
          <bugtraq@xxxxxxxxxxxxxxxxxxxxxxx>; Wed,  9 Aug 2000 08:09:21 -0700
Received: (qmail 21140 invoked by alias); 9 Aug 2000 15:10:08 -0000
Delivered-To: bugtraq@xxxxxxxxxxxxxxxxx
Received: (qmail 21137 invoked from network); 9 Aug 2000 15:10:08 -0000
Received: from phoenix.calderasystems.com ( by
          mail.securityfocus.com with SMTP; 9 Aug 2000 15:10:08 -0000
Received: (qmail 17388 invoked by uid 10212); 9 Aug 2000 14:56:47 -0000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.6us
Message-ID:  <20000809085647.A17241@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-To: Technical Support <support@xxxxxxxxxxxxxxxxxxxxxxxxxx>
X-To:         announce@xxxxxxxxxxxxxxxxxxxxxxxx, linux-security@xxxxxxxxxx
From: Technical Support <support@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: Bugtraq List <BUGTRAQ@xxxxxxxxxxxxxxxxx>
To: BUGTRAQ@xxxxxxxxxxxxxxxxx
Subject:      Security Update: sperl vulnerability
Date:         Wed, 9 Aug 2000 08:56:47 -0600

Hash: SHA1

		   Caldera Systems, Inc.  Security Advisory

Subject:		sperl vulnerability
Advisory number: 	CSSA-2000-026.0
Issue date: 		2000 August, 7
Cross reference:

1. Problem Description

   sperl is a setuid copy of the perl interpreter that can be
   used to execute perl scripts with the privilege of the
   file's owner. In order to be able to do so, sperl must
   be setuid root.

   When sperl detects that an attacker is trying to spoof it,
   it sends a mail message to the super user account using /bin/mail.
   By exploiting a flaw in the way sperl interacts with /bin/mail,
   any local user is able to obtain root privilege on the local

   An exploit for this vulnerability has been published widely.

2. Vulnerable Versions

   System                       Package
   OpenLinux Desktop 2.3        not vulnerable

   OpenLinux eServer 2.3        All packages previous to
   and OpenLinux eBuilder       perl-5.005_03-6S

   OpenLinux eDesktop 2.4	All packages previous to

3. Solution



   We recommend our users to upgrade to the new packages.

4. OpenLinux Desktop 2.3

   not vulnerable

5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:


       The corresponding source code package can be found at:


   5.2 Verification

       55bf850e54e8ddd91a00f67b528d831d  perl-5.005_03-6S.i386.rpm
       bf1f56c565c512a8dbf970d04304d22c  perl-5.005_03-6S.src.rpm
       76f2238063b94983591ae10ad3715eb3  perl-add-5.005_03-6S.i386.rpm
       94bc4d6e0963391c4d100e8d2a2c73d1  perl-examples-5.005_03-6S.i386.rpm
       eca239c5b0c9cb7cc98d4254304a6e3d  perl-man-5.005_03-6S.i386.rpm
       18c76ed983ff45fd8dc5442cee2e6f4e  perl-pod-5.005_03-6S.i386.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -Fhv perl-*.i386.rpm

       Please ignore the "directory not empty" messages

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:


       The corresponding source code package can be found at:


   6.2 Verification

       7542698bece734cccc30c8ef83c5af87  perl-5.005_03-6.i386.rpm
       0b6e1a7e1615a5400e07c10cfd924203  perl-5.005_03-6.src.rpm
       42356e924d6e6a1d5507c0951b5b5c78  perl-add-5.005_03-6.i386.rpm
       49ab8a7f2e3a9f96f51ade1510405331  perl-examples-5.005_03-6.i386.rpm
       2ec837db5f8bf0af5610748e2a7793a2  perl-man-5.005_03-6.i386.rpm
       64cc98b972e8f9297933ac74fd547386  perl-pod-5.005_03-6.i386.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

  	  rpm -Fhv perl-*.i386.rpm

7. References

   This and other Caldera security resources are located at:


   This security fix closes Caldera's internal Problem Report 7347.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org



End of this Digest