Advisory: SuSE Essential and Critical Security Patch Updates

Find the information you need for your favorite open source distribution .

SuSE: perl vulnerability


suidperl is the perl interpreter for suid perl scripts, a part of the perl package. A maliciously implemented feature causes the interpreter to spawn the /bin/mail program to inform the superuser of its usage, thereby passing on untrusted environment that causes /bin/mail to execute arbitrary commands as user root.