Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
Software | From | Fixed in |
---|---|---|
ibm / aix | 5.2 | 5.2.x |
ibm / aix | 5.3 | 5.3.x |
larry_wall / perl | 5.8.0 | 5.8.0.x |
larry_wall / perl | 5.8.1 | 5.8.1.x |
larry_wall / perl | 5.8.3 | 5.8.3.x |
larry_wall / perl | 5.8.4 | 5.8.4.x |
larry_wall / perl | 5.8.4.1 | 5.8.4.1.x |
larry_wall / perl | 5.8.4.2 | 5.8.4.2.x |
larry_wall / perl | 5.8.4.2.3 | 5.8.4.2.3.x |
larry_wall / perl | 5.8.4.3 | 5.8.4.3.x |
larry_wall / perl | 5.8.4.4 | 5.8.4.4.x |
larry_wall / perl | 5.8.4.5 | 5.8.4.5.x |
suse / suse_linux | 8.0 | 8.0.x |
suse / suse_linux | 8.1 | 8.1.x |
suse / suse_linux | 8.2 | 8.2.x |
suse / suse_linux | 9.0 | 9.0.x |
suse / suse_linux | 9.1 | 9.1.x |
suse / suse_linux | 9.2 | 9.2.x |
redhat / enterprise_linux | 3.0 | 3.0.x |
ubuntu / ubuntu_linux | 4.1 | 4.1.x |
redhat / enterprise_linux_desktop | 3.0 | 3.0.x |
trustix / secure_linux | 1.5 | 1.5.x |
trustix / secure_linux | 2.0 | 2.0.x |
trustix / secure_linux | 2.1 | 2.1.x |
trustix / secure_linux | 2.2 | 2.2.x |
sgi / propack | 3.0 | 3.0.x |
redhat / fedora_core | core_3.0 | core_3.0.x |