Bug 23621
| Summary: | SUID exploit gives root access | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | flitcraft33 | ||||
| Component: | perl | Assignee: | Crutcher Dunnavant <crutcher> | ||||
| Status: | CLOSED ERRATA | QA Contact: | David Lawrence <dkl> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 6.1 | CC: | dr, pekkas | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | i386 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2001-01-10 16:03:04 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 15641 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
flitcraft33
2001-01-08 23:20:59 UTC
Created attachment 7264 [details]
perl script that exploits suidperl or any suid file for that matter, ugh
See bug 15630, and the RedHat advirory at http://www.redhat.com/support/errata/RHSA-2000-048-03.html Note that script claims to work on ANY suid file, not just PERL. I have not tested this in any way shape or form however. No, this is a standard exploit I have seen long since. Nothing to do with Brazilian guys except that they used your suidperl and passwd to get local root. It cannot be used if your suidperl isn't setuid root, or has been updated, as per errata. |