An attack that runs a script that will give root access if the hacker knows any binary that is SUID. I have the scripts, the source and the email addresses of the guys from Brazil who cooked this one up. My first experience with Brazilian PERL and I hope my last. My system was totally compromised by this as it grants root access. I tried to do the Bugzilla search and I hope I did it right. This exploit was done on the standard 6.1 install. Dan Sichel
Created attachment 7264 [details] perl script that exploits suidperl or any suid file for that matter, ugh
See bug 15630, and the RedHat advirory at http://www.redhat.com/support/errata/RHSA-2000-048-03.html
Note that script claims to work on ANY suid file, not just PERL. I have not tested this in any way shape or form however.
No, this is a standard exploit I have seen long since. Nothing to do with Brazilian guys except that they used your suidperl and passwd to get local root. It cannot be used if your suidperl isn't setuid root, or has been updated, as per errata.