CVE Vulnerabilities

CVE-1999-0138

Published: Jun 26, 1996 | Modified: Sep 09, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

Affected Software

Name Vendor Start Version End Version
A_ux Apple 3.1.1 3.1.1
Osf_1 Digital 1.3 1.3
Freebsd Freebsd 2.0 2.0
Freebsd Freebsd 2.0.5 2.0.5
Freebsd Freebsd 2.1.0 2.1.0
Hp-ux Hp 8 8
Hp-ux Hp 9 9
Hp-ux Hp 10 10
Aix Ibm 3.2.5 3.2.5
Aix Ibm 4 4
Linux_kernel Linux 1.2.0 1.2.0
Linux_kernel Linux 2.0 2.0
Asl_ux_4800 Nec * *
Ews-ux_v Nec 4.2 4.2
Ews-ux_v Nec 4.2mp 4.2mp
Up-ux_v Nec 4.2mp 4.2mp

References