Subject: Caldera Security Advisory SA-1997.25: Vulnerability in perl package

Caldera Security Advisory SA-1997.25

RPM build date:       23-May-1997
Advisory issue date:  13-Oct-1997

NOTE: This advisory (SA-1997.25) supersedes SA-1997.08.

Topic: Vulnerability in perl

I. Problem Description

   This Security Advisory supersedes Caldera SA-1997.08 - July 6, 1997.

   A vulnerability exists within sperl that allows local users to
   gain root access if sperl is installed SUID root.

   Note that there have been two fixes released for this same
   vulnerability. This fix replaces the first.

II. Impact

   On systems such as Caldera OpenLinux 1.0 and 1.1, an unprivileged
   user may gain root access and execute arbitrary commands.

III. Solution

   As a temporary solution, you can disable the exploits for this bug
   with the following command:

      chmod u-s /usr/bin/sperl*

   The best solution is to upgrade to the new perl packages listed
   below.

      RPMS/perl-5.003-6.i386.rpm
      RPMS/perl-add-5.003-6.i386.rpm
      RPMS/perl-eg-5.003-6.i386.rpm
      RPMS/perl-man-5.003-6.i386.rpm
      RPMS/perl-pod-5.003-6.i386.rpm

   The above packages are to be installed by doing the following:

      rpm -e perl
      rpm -i perl-add-5.003-6.i386.rpm
      rpm -i perl-eg-5.003-6.i386.rpm
      rpm -i perl-man-5.003-6.i386.rpm
      rpm -i perl-pod-5.003-6.i386.rpm

   The package that contains the fix is perl-add-5.003-6.i386.rpm.
   The other packages are included for completeness.

   These packages are located on Caldera's FTP server
   (ftp.caldera.com):

   Binary files can be obtained at:

      ftp://ftp.caldera.com/pub/openlinux/updates/1.1/current/RPMS

   Source files can be obtained at:

      ftp://ftp.caldera.com/pub/openlinux/updates/1.1/current/SRPMS

   The MD5 checksums (from the "md5sum" command) for these packages
   are:

      aca15a9baa4bbfa71e62e879b536ad3f  RPMS/perl-5.003-6.i386.rpm
      7fd4842656ed691b5b9615d6b9503146  RPMS/perl-add-5.003-6.i386.rpm
      0432a20a0368c64485733373c8f1e071  RPMS/perl-eg-5.003-6.i386.rpm
      ae29a17121d58097fc12b64e3def6331  RPMS/perl-man-5.003-6.i386.rpm
      cab433c20a269b0d302dda9a53359ee4  RPMS/perl-pod-5.003-6.i386.rpm
      9ea5aa42125084026b3c70b930ecc7b3  SRPMS/perl-5.003-6.src.rpm

IV. References / Credits

   This and other Caldera security resources are located at:

      http://www.caldera.com/tech-ref/security/

   This advisory is based on a security upgrade announced on the
   BugTraq email list:

      Subject: Buffer overflow in sperl5.003
      Message-ID: Willy Tarreau

   CERT Advisory CA-97.17:

      ftp://info.cert.org/pub/cert_advisories/CA-97.17.sperl

V. PGP Signature

   This message was signed with the PGP key for .

   This key can be obtained from:

      ftp://ftp.caldera.com/pub/pgp-keys/

   Or on an OpenLinux CDROM under:

      /OpenLinux/pgp-keys/

$Id: SA-1997.25,v 1.2 1997/10/13 18:05:27 ron Exp $
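
The temporary fix in section III (chmod u-s /usr/bin/sperl*) can be audited and applied as below. This is an added example, not part of Caldera's advisory; the function names are hypothetical and the directory defaults to the /usr/bin path the advisory gives.

```shell
#!/bin/sh
# Added example: audit and apply the advisory's temporary workaround.
# Function names are hypothetical; /usr/bin is the path from the advisory.

# Print every regular file named sperl* directly inside DIR that still
# carries the setuid bit. Ownership is not filtered: any setuid sperl
# is worth reviewing, not only root-owned ones.
suid_sperl() {
    dir=${1:-/usr/bin}
    find "$dir" -maxdepth 1 -type f -name 'sperl*' -perm -4000 -print
}

# Succeed (exit status 0) only when no setuid sperl remains in DIR.
sperl_mitigated() {
    [ -z "$(suid_sperl "${1:-/usr/bin}")" ]
}

# Apply "chmod u-s" to each flagged file, report it, then re-check so
# the caller gets a non-zero status if anything is still setuid.
strip_suid_sperl() {
    dir=${1:-/usr/bin}
    suid_sperl "$dir" | while IFS= read -r f; do
        chmod u-s "$f" && echo "cleared setuid: $f"
    done
    sperl_mitigated "$dir"
}

# Typical use, as root:
#   suid_sperl            # list what is exposed
#   strip_suid_sperl      # apply the workaround and verify it
```

The check reports any setuid sperl* file regardless of which package installed it, so it confirms the workaround rather than the installed package version.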