ID | CVE-2000-0703 | ||||||
Sažetak | suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:L/AC:L/Au:N/C:C/I:C/A:C | ||||||
Zadnje važnije ažuriranje | 10-09-2008 - 19:05 | ||||||
Objavljeno | 20-10-2000 - 04:00 |