#33990: setuid perl security issues (guest/guest でログイン)
Date: Mon, 31 Jan 2005 15:55:36 +0000とのことですが、「Current Release: 5.8.6」と表示されてますね。
Who was already planning to start the 5.8.7 release process at the end of February.
Description: (Description でない部分は略)bugtraq MLより
In the July 18, 2002 highlights for Perl 5.8.0 there was a 'New IO Implementation' added called PerlIO. The new PerlIO implementation was described as both a portable stdio implementation (at the source code level) and a flexible new framework for richer I/O behaviours.
As an attacker I would definately say that PerlIO has some rich behavior. Two vulnerabilities were located in the PerlIO package that can allow an attacker to take root on a machine that makes use of setuid perl aka sperl. The first vulnerability was outlined in DMA[2005-0131a], details on the second vulnerability will be explained below.
