SuSE Security Announcement: eperlMar 28, 2001, 22:26 (0 Talkback[s])
(Other stories by Thomas Biege)
Date: Wed, 28 Mar 2001 12:27:13 +0200 (CEST)
SuSE Security Announcement Package: eperl Announcement-ID: SuSE-SA:2001:08 Date: Tuesday, March 27th, 2001 16.00 MEST Affected SuSE versions: 6.3, 6.4, 7.0, 7.1 Vulnerability Type: local and remote compromise Severity (1-10): 6 SuSE default package: no Other affected systems: all system using eperl package Content of this advisory: 1) security vulnerability resolved: eperl problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds 3) standard appendix (further information)
1) problem description, brief discussion, solution, upgrade information
The ePerl program is a interpreter for the Embedded Perl 5 Language. It's main purpose is to serve as Webserver scripting language for dynamic HTML page programming. Besides this it could also serve as a standalone Unix filter.
Fumitoshi Ukai and Denis Barbier have found several potential buffer overflows, which could lead to local privilege escalation if installed setuid (note: it's not installed setuid per default) or to remote compromise.
There is currently no efficient measure against the security problems in the eperl perl interpreter other than not using or updating it. SuSE provides update packages for the defective software.
SuSE Linux version before 6.3 don't include the eperl package.
Download the update package from locations described below and
install the package with the command `rpm -Uhv file.rpm'. The
md5sum for each file is in the line below. You can verify the
integrity of the rpm files using the command
i386 Intel Platform:
AXP Alpha Platform:
PPC Power PC Platform:
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- We are in the process of preparing update packages for the man package which has been found vulnerable to a commandline format string bug. The man command is installed suid man on SuSE systems. When exploited, the bug can be used to install a different man binary to introduce a trojan into the system. As an interim workaround, we recommend to `chmod -s /usr/bin/man´ and ignore the warnings and errors when viewing manpages.
- The file browser MidnightCommander (mc) is vulnerable to unwanted program execution. Updates are currently being built.
- Two bugs were found in the text editor vim. These bugs are currently being fixed.
- A bufferoverflow in sudo was discovered and fixed RPMs will be available as soon as possible. A exploit was not made public until now.
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may subscribe:
firstname.lastname@example.org - general/linux/SuSE security discussion. All SuSE security announcements are sent to this list. To subscribe, send an email to email@example.com. firstname.lastname@example.org - SuSE's announce-only mailing list. Only SuSE's security annoucements are sent to this list. To subscribe, send an email to email@example.com. For general information or the frequently asked questions (faq) send mail to: firstname.lastname@example.org or email@example.com respectively.
SuSE's security contact is firstname.lastname@example.org.
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. SuSE GmbH makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.