From owner-freebsd-security Wed Jun 26 15:41:24 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA29582 for security-outgoing; Wed, 26 Jun 1996 15:41:24 -0700 (PDT) Received: from orion.webspan.net (root@orion.webspan.net [206.154.70.41]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA29575 for ; Wed, 26 Jun 1996 15:41:20 -0700 (PDT) Received: from localhost (scanner@localhost) by orion.webspan.net (8.7.5/8.6.12) with SMTP id SAA11836; Wed, 26 Jun 1996 18:40:56 -0400 (EDT) Date: Wed, 26 Jun 1996 18:40:56 -0400 (EDT) From: Scanner To: Guido van Rooij cc: Brian Tao , freebsd-security@freebsd.org Subject: Re: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd) In-Reply-To: <199606262200.AAA24286@gvr.win.tue.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 27 Jun 1996, Guido van Rooij wrote: > Brian Tao wrote: > [There is text before PGP section.] > > I believe this applies to perl4 as shipped with all versions of > > FreeBSD, as well as the perl5 packages/ports. Does anyone know what > > the actual vulnerability is? > > We know. This bug was first reported by Paul Traina to CERT. > Of course we're not going to get into details. Ok sure fine take all the fun out of it. :-) -- ===================================| Webspan Inc., ISP Division. FreeBSD 2.1.0 is available now! | Phone: 908-367-8030 ext. 126 -----------------------------------| 500 West Kennedy Blvd., Lakewood, NJ-08701 Turning PCs into Workstations | E-Mail: scanner@webspan.net http://www.freebsd.org | SysAdmin / Network Engineer / Security ===================================| Member BSDNET team! http://www.bsdnet.org