Author: JT Smith
At LWN.net: “Several potential buffer overflows in the ePerl package have been found
by Fumitoshi Ukai and Denis Barbier. When eperl is installed setuid
root, it can switch to the UID/GID of the script’s owner. Although
Linux-Mandrake does not ship the program setuid root, this is a useful
feature which some users may have activated locally on their own.
There is also the potential for a remote vulnerability as well.”
by Fumitoshi Ukai and Denis Barbier. When eperl is installed setuid
root, it can switch to the UID/GID of the script’s owner. Although
Linux-Mandrake does not ship the program setuid root, this is a useful
feature which some users may have activated locally on their own.
There is also the potential for a remote vulnerability as well.”
Category:
- Linux
