
SuSE Security Announcement: eperl

Date: Wed, 28 Mar 2001 12:27:13 +0200 (CEST)
From: Thomas Biege [email protected]
To: [email protected]
Subject: [suse-security-announce] SuSE Security Announcement: eperl (SuSE-SA:2001:08)


                        SuSE Security Announcement

        Package:                eperl
        Announcement-ID:        SuSE-SA:2001:08
        Date:                   Tuesday, March 27th, 2001 16.00 MEST
        Affected SuSE versions: 6.3, 6.4, 7.0, 7.1
        Vulnerability Type:     local and remote compromise
        Severity (1-10):        6
        SuSE default package:   no
        Other affected systems: all systems using the eperl package

        Content of this advisory:
        1) security vulnerability resolved: eperl
           problem description, discussion, solution and upgrade information
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)

1) problem description, brief discussion, solution, upgrade information

The ePerl program is an interpreter for the Embedded Perl 5
Language. Its main purpose is to serve as a webserver scripting
language for dynamic HTML page programming. Besides this it can
also serve as a standalone Unix filter.

Fumitoshi Ukai and Denis Barbier have found several potential
buffer overflows, which could lead to local privilege escalation if
eperl is installed setuid (note: it is not installed setuid by
default) or to remote compromise.

There is currently no effective measure against the security
problems in the eperl interpreter other than not using it or
updating it. SuSE provides update packages for the defective
software.

SuSE Linux versions before 6.3 do not include the eperl package.

Download the update package from the locations described below and
install the package with the command `rpm -Uhv file.rpm'. The
md5sum for each file is given in the line below it. You can verify the
integrity of the rpm files using the command
`rpm --checksig --nogpg file.rpm',
independently of the md5 sums listed below.
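The verify-then-install step described above, as an added shell example that is not part of the SuSE advisory. It assumes md5sum(1) and rpm(8) are on the PATH; the function names verify_md5 and install_verified are my own.

```shell
#!/bin/sh
# Added example (not from the advisory): check a downloaded update RPM against
# the md5sum published in the advisory, then the rpm signature, then install.
# Assumes md5sum(1) is available; rpm(8) is only run after the sum matches.

# verify_md5 FILE EXPECTED_MD5
#   returns 0 on match, 1 on mismatch, 2 if the file is missing.
verify_md5() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(md5sum "$file" | awk '{print $1}')
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "md5 MISMATCH for $file: got $actual, expected $expected" >&2
    return 1
}

# install_verified FILE EXPECTED_MD5
#   md5 check first, then `rpm --checksig --nogpg` as the advisory suggests,
#   and only then `rpm -Uhv`; any failure aborts before installation.
install_verified() {
    verify_md5 "$1" "$2" || return $?
    rpm --checksig --nogpg "$1" || { echo "bad rpm signature: $1" >&2; return 3; }
    rpm -Uhv "$1"
}

# Usage, with the values from the advisory's i386 SuSE-7.1 entry:
#   install_verified eperl-2.2.14-206.i386.rpm e613b06d47dcfb7bbcea8c3d0c0e678b
```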

i386 Intel Platform:

SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/d2/eperl-2.2.14-206.i386.rpm
e613b06d47dcfb7bbcea8c3d0c0e678b
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/eperl-2.2.14-206.src.rpm
c58a95f3b8ae757ea4d72f3157e2ea62

SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/d1/eperl-2.2.14-203.i386.rpm
e66520cc0062e25495941542dd5b1f82
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/eperl-2.2.14-203.src.rpm
34d6682524154c9fb7b5fbec4f4ea82e

SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/d1/eperl-2.2.14-203.i386.rpm
4b6a5a89899320a8eeb35c149ae111f5
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/eperl-2.2.14-203.src.rpm
062b14716e52f2649f4380a6a6e4e7f9

SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/d1/eperl-2.2.14-202.i386.rpm
ba75d7f4a64329a3b5c324b3f0742575
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/eperl-2.2.14-202.src.rpm
c7ae001d4668ba3a0524f94429b1e4e6

Sparc Platform:

SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/d2/eperl-2.2.14-193.sparc.rpm
9752f8b9df6ac1ffdc68cb4b552d6491
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/eperl-2.2.14-193.src.rpm
f09a1ce9288c201ae63e193914fc84ce

SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d1/eperl-2.2.14-191.sparc.rpm
900eddc134215569fc88d11ce14c11f3
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/eperl-2.2.14-191.src.rpm
76aaa0efa8ae1c84b80201f73462fc26

AXP Alpha Platform:

SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/d1/eperl-2.2.14-195.alpha.rpm
d7b4be8d988f8cd501a33f9d2fb12a07
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/eperl-2.2.14-195.src.rpm
b0379287f9078fcd244cc720fad92c4d

SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/d1/eperl-2.2.14-195.alpha.rpm
78241206bc1b3927effdb5b1aa4d0ed5
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/eperl-2.2.14-195.src.rpm
325a04ec8c5c3da6b9c2fdf4e2c6c901

SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d1/eperl-2.2.14-194.alpha.rpm
88a09004e5c0c2e6174785207e111318
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/eperl-2.2.14-194.src.rpm
a04cfa3e64aac49f6c148992e9a50189

PPC Power PC Platform:

SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/d2/eperl-2.2.14-178.ppc.rpm
3e05c702aca97db476155054d113ff95
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/eperl-2.2.14-178.src.rpm
67849b0c1c053eca482508fe2eac3042

SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/d1/eperl-2.2.14-177.ppc.rpm
35584e2f1bcebced98fad2ae241824da
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/eperl-2.2.14-177.src.rpm
98046dce35c4adfba57cc54c018376d7

SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/d1/eperl-2.2.14-176.ppc.rpm
9c36bad7ec2e8f6c31307729c7d21bc8
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/eperl-2.2.14-176.src.rpm
eeaf1144dd659fe13b6a943bf40bf65b

S/390 Platform:

SuSE-7.0
ftp://ftp.suse.com/pub/suse/s390/update/7.0/d1/eperl-2.2.14-182.s390.rpm
416974a30c9c9e435e028f2807e15a51
source rpm:
ftp://ftp.suse.com/pub/suse/s390/update/7.0/zq1/eperl-2.2.14-182.src.rpm
b14c7d9cbb969cda54b0d9f599f1b5cc


2) Pending vulnerabilities in SuSE Distributions and Workarounds:

- We are in the process of preparing update packages for the man
package, which has been found vulnerable to a command-line format
string bug. The man command is installed suid man on SuSE systems.
When exploited, the bug can be used to install a different man
binary and thereby introduce a trojan into the system. As an interim
workaround, we recommend running `chmod -s /usr/bin/man' and
ignoring the warnings and errors when viewing manpages.

- The file browser MidnightCommander (mc) is vulnerable to
unwanted program execution. Updates are currently being built.

- Two bugs were found in the text editor vim. These bugs are
currently being fixed.

- A buffer overflow in sudo was discovered; fixed RPMs will be
available as soon as possible. No exploit has been made public so
far.


3) standard appendix:

SuSE runs two security mailing lists to which any interested
party may subscribe:

    [email protected]
        -   general/linux/SuSE security discussion.
            All SuSE security announcements are sent to this list.
            To subscribe, send an email to
                [email protected].

    [email protected]
        -   SuSE's announce-only mailing list.
            Only SuSE's security announcements are sent to this list.
            To subscribe, send an email to
                [email protected].

    For general information or the frequently asked questions (faq)
    send mail to:
        [email protected] or
        [email protected] respectively.


    SuSE's security contact is [email protected].


The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. SuSE GmbH
makes no warranties of any kind whatsoever with respect to the
information contained in this security advisory.
