Vulnerabilities > CVE-2000-0703 - Unspecified vulnerability in Larry Wall Perl
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Exploit-Db
description Suidperl 5.00503 Mail Shell Escape Vulnerability (1). CVE-2000-0703. Local exploit for linux platform id EDB-ID:20141 last seen 2016-02-02 modified 2000-08-07 published 2000-08-07 reporter Sebastian Krahmer source https://www.exploit-db.com/download/20141/ title Suidperl 5.00503 Mail Shell Escape Vulnerability 1 description Suidperl 5.00503 Mail Shell Escape Vulnerability (2). CVE-2000-0703. Local exploit for linux platform id EDB-ID:20142 last seen 2016-02-02 modified 2000-08-07 published 2000-08-07 reporter Michal Zalewski source https://www.exploit-db.com/download/20142/ title Suidperl 5.00503 Mail Shell Escape Vulnerability 2
Redhat
| advisories |
|
References
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0022.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0086.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0113.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0153.html
- http://www.calderasystems.com/support/security/advisories/CSSA-2000-026.0.txt
- http://www.novell.com/linux/security/advisories/suse_security_announce_59.html
- http://www.redhat.com/support/errata/RHSA-2000-048.html
- http://www.securityfocus.com/bid/1547
- http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000017.html