lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: cjs at cynic.net (Curt Sampson) Subject: Re: Buffer Overflow in ActivePerl ? On Wed, 19 May 2004, Nick FitzGerald wrote: > However, there is not likely to be a privilege escalation here unless > perhaps a script processor on a web server can be cajoled into doing > something with this? Not terribly likely; system() in perl forks a new process, potentially executing a command interpreter: ... If there is only one scalar argument, the argument is checked for shell metacharacters, and if there are any, the entire argument is passed to the system's command shell for parsing... If you can cajole a web server into passing fairly arbitrary information into the system() function, you probably own the machine even without this overflow. cjs -- Curt Sampson <cjs@...ic.net> +81 90 7737 2974 http://www.NetBSD.org Don't you know, in this new Dark Age, we're all light. --XTC
Powered by blists - more mailing lists