perl suid exploit
Matthew Miller
mattdm at mattdm.org
Fri Jul 8 04:08:51 UTC 2005
On Fri, Jul 08, 2005 at 01:55:26PM +1000, Michael Mansour wrote:
> I run perl 5.8.3 in suid mode on Fedora Core 1, and
> have recently detected an attempted exploit which
> basically crashed my system (well, I was able to
> recover by removing the 15 byte /etc/ld.so.preload
> file which tries to reference, as part of the exploit,
> a /tmp/getuid.so file).
>
> I've brought the server up again, but am not sure now
> how I can defend against this attack since FC1 and
> perl 5.8.3 are the latest.
>
> Anyone have any suggestions?
Well.... <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152845>
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 76 degrees Fahrenheit.
More information about the fedora-legacy-list
mailing list