CVE-2000-0703

2000-10-20T04:00:00
ID CVE-2000-0703
Type cve
Reporter cve@mitre.org
Modified 2008-09-10T19:05:00

Description

suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.