24 Dec 2018

CVE-2000-0703

7.2 High Severity

suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.

suggest your own:

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C
Apps (0)
Operating Systems (0)

xtranslations

xdetection

xremediation

Comments (0)
Comments (0)