Page 3 of 12 results (0.003 seconds)

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 4

suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence. • https://www.exploit-db.com/exploits/20141 https://www.exploit-db.com/exploits/20142 http://archives.neohapsis.com/archives/bugtraq/2000-08/0022.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0086.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0113.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0153.html http://www.calderasystems.com/support/security/advisories/CSSA-2000-026.0.txt http://www.novell.com/linux/security/advisories/suse_security_announce •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 4

Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. • https://www.exploit-db.com/exploits/200 https://www.exploit-db.com/exploits/320 https://www.exploit-db.com/exploits/19546 https://www.exploit-db.com/exploits/19547 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034 •