- Nom du paquet
- Advisory ID
- Affected versions
- 7.2 i586 , 7.1 i586 , CS1.0 i586
Several potential buffer overflows in the ePerl package have been found by Fumitoshi Ukai and Denis Barbier. When eperl is installed setuid root, it can switch to the UID/GID of the script's owner. Although Linux-Mandrake does not ship the program setuid root, this is a useful feature which some users may have activated locally on their own. There is also the potential for a remote vulnerability as well.
e48bdd9d10fadb000650592dc97c601d 7.2/RPMS/eperl-2.2.14-7.1mdk.i586.rpm 6c4caf6f01729418940a5b266ca34969 7.2/SRPMS/eperl-2.2.14-7.1mdk.src.rpm
29d22c99cf995c7dd90f34467e0ae202 7.1/RPMS/eperl-2.2.14-7.2mdk.i586.rpm 405b9b51f07abeb04809453c1b5eb7b6 7.1/SRPMS/eperl-2.2.14-7.2mdk.src.rpm
29d22c99cf995c7dd90f34467e0ae202 1.0.1/RPMS/eperl-2.2.14-7.2mdk.i586.rpm 405b9b51f07abeb04809453c1b5eb7b6 1.0.1/SRPMS/eperl-2.2.14-7.2mdk.src.rpm