March 28, 2001

Security update to eperl

Author: JT Smith

At "The ePerl program is a interpreter for the Embedded Perl 5 Language.
It's main purpose is to serve as Webserver scripting language for dynamic
HTML page programming. Besides this it could also serve as a standalone
Unix filter.
Fumitoshi Ukai and Denis Barbier have found several potential buffer
overflows, which could lead to local privilege escalation if installed
setuid (note: it's not installed setuid per default) or to remote

There is currently no efficient measure against the security problems
in the eperl perl interpreter other than not using or updating it."


  • Linux
Click Here!