Slackware alert: Perl root exploit in Slackware 7.1 & -current

Posted by dave on Sep 2, 2000 2:59 PM EDT
Mailing list
Mail this story
Print this story

A root exploit was found in the /usr/bin/suidperl5.6.0 program that shipped with the Slackware 7.1 perl.tgz package.

A root exploit was found in the /usr/bin/suidperl5.6.0 program that
shipped with the Slackware 7.1 perl.tgz package.

It is recommended that all users of Slackware 7.1 (and -current) upgrade to the perl.tgz package available in the Slackware -current branch.

==================================== perl 5.6.0 AVAILABLE - (d1/perl.tgz) ====================================

The root exploit in /usr/bin/suidperl5.6.0 has been patched. Hack attempts are now logged to /var/log/syslog. The new perl.tgz package is available from:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/d1/

Here are the md5sums and checksums for the packages:

1027099174 6464627 ./perl.tgz 0dfc1c46e3dd22033850fc69928588ec ./perl.tgz

INSTALLATION INSTRUCTIONS FOR THE perl.tgz PACKAGE: --------------------------------------------------- If you have downloaded the new perl.tgz package, you should bring the system into runlevel 1 and run upgradepkg on it:

# telinit 1 # upgradepkg perl.tgz # telinit 3

Remember, it's also a good idea to backup configuration files before upgrading packages.

- Slackware Linux Security Team http://www.slackware.com

  Nav
» Read more about: Story Type: Security; Groups: Slackware

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.