Executive Summary

Summary
Title New perl packages fix regression
Informations
Name DSA-1678 First vendor Publication 2008-12-03
Vendor Debian Last vendor Modification 2008-12-21
Severity (Vendor) N/A Revision 2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The perl update in DSA-1678-1 contains a regression which is triggered by some Perl scripts which have changed into the directory tree removed by File::Path::rmtree. In particular, this happens if File::Temp::tempdir is used. This new update corrects this regression.

For the stable distribution (etch), this problem has been fixed in version 5.8.8-7etch6.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your perl packages.

Original Source

Url : http://www.debian.org/security/2008/dsa-1678

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11076
 
Oval ID: oval:org.mitre.oval:def:11076
Title: Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Description: Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5302
 Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13257
 
Oval ID: oval:org.mitre.oval:def:13257
Title: USN-700-2 -- perl regression
Description: USN-700-1 fixed vulnerabilities in Perl. Due to problems with the Ubuntu 8.04 build, some Perl .ph files were missing from the resulting update. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. If a user or automated system were tricked into opening a specially crafted tar file, a remote attacker could over-write arbitrary files. Tavis Ormandy and Will Drewry discovered that Perl did not correctly handle certain utf8 characters in regular expressions. If a user or automated system were tricked into using a specially crafted expression, a remote attacker could crash the application, leading to a denial of service. Ubuntu 8.10 was not affected by this issue. A race condition was discovered in the File::Path Perl module�s rmtree function. If a local attacker successfully raced another user�s call of rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06 and 8.10 were not affected by this issue. A race condition was discovered in the File::Path Perl module�s rmtree function. If a local attacker successfully raced another user�s call of rmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected by this issue
Family: unix Class: patch
Reference(s): USN-700-2
CVE-2007-4829
CVE-2008-1927
CVE-2008-5302
CVE-2008-5303
 Version: 5
Platform(s): Ubuntu 8.04
 Product(s): perl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21014
 
Oval ID: oval:org.mitre.oval:def:21014
Title: USN-700-1 -- libarchive-tar-perl, perl vulnerabilities
Description: Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives.
Family: unix Class: patch
Reference(s): USN-700-1
CVE-2007-4829
CVE-2008-1927
CVE-2008-5302
CVE-2008-5303
 Version: 5
Platform(s): Ubuntu 6.06
Ubuntu 7.10
Ubuntu 8.04
Ubuntu 8.10
 Product(s): libarchive-tar-perl
perl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28121
 
Oval ID: oval:org.mitre.oval:def:28121
Title: DEPRECATED: ELSA-2010-0458 -- perl security update (moderate)
Description: [4:5.8.8-32.el5.1] - third version of patch fix change of behaviour of rmtree for common user - Resolves: rhbz#597203 [4:5.8.8-32.el5] - rhbz#595416 change documentation of File::Path - Related: rhbz#591167 [4:5.8.8-31.el5] - remove previous fix - Related: rhbz#591167 [4:5.8.8-30.el5] - change config to file on Util.so - Related: rhbz#594406 [4:5.8.8-29.el5] - CVE-2008-5302 - use latest patch without Cwd module - 507378 because of our paths we need to overload old Util.so in case customer installed Scalar::Util from cpan. In this case we marked new Util.so as .rpmnew. - Related: rhbz#591167 - Resolves: rhbz#594406 [4:5.8.8-28.el5] - CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1 - CVE-2010-1168 perl Safe: Intended restriction bypass via object references - CVE-2010-1447 Safe 2.26 and earlier: Intended restriction bypass via Perl object references in code executed outside safe compartment - Related: rhbz#591167
Family: unix Class: patch
Reference(s): ELSA-2010-0458
CVE-2010-1168
CVE-2010-1447
CVE-2008-5302
CVE-2008-5303
 Version: 4
Platform(s): Oracle Linux 5
 Product(s): perl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6680
 
Oval ID: oval:org.mitre.oval:def:6680
Title: VMware ESX,Service Console update for perl.
Description: Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5303
 Version: 5
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6890
 
Oval ID: oval:org.mitre.oval:def:6890
Title: VMware ESX,Service Console update for perl.
Description: Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5302
 Version: 5
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9699
 
Oval ID: oval:org.mitre.oval:def:9699
Title: Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Description: Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5303
 Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for perl CESA-2010:0458 centos5 i386
File : nvt/gb_CESA-2010_0458_perl_centos5_i386.nasl
2010-06-15 Name : Mandriva Update for perl MDVSA-2010:116 (perl)
File : nvt/gb_mandriva_MDVSA_2010_116.nasl
2010-06-11 Name : RedHat Update for perl RHSA-2010:0458-02
File : nvt/gb_RHSA-2010_0458-02_perl.nasl
2010-05-12 Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-04-16 Name : Mandriva Update for timezone MDVA-2010:116 (timezone)
File : nvt/gb_mandriva_MDVA_2010_116.nasl
2009-06-05 Name : Ubuntu USN-698-1 (nagios)
File : nvt/ubuntu_698_1.nasl
2009-02-18 Name : SuSE Security Summary SUSE-SR:2009:004
File : nvt/suse_sr_2009_004.nasl
2009-01-20 Name : Ubuntu USN-700-2 (perl)
File : nvt/ubuntu_700_2.nasl
2008-12-29 Name : Debian Security Advisory DSA 1678-2 (perl)
File : nvt/deb_1678_2.nasl
2008-12-29 Name : Ubuntu USN-700-1 (perl)
File : nvt/ubuntu_700_1.nasl
2008-12-10 Name : Debian Security Advisory DSA 1678-1 (perl)
File : nvt/deb_1678_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
50446 Perl File::Path (lib/File/Path.pm) rmtree Function Symlink Arbitrary File Del...

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0013_remote.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201311-17.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0458.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100607_perl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0013.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0458.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-116.nasl - Type : ACT_GATHER_INFO
2010-06-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0458.nasl - Type : ACT_GATHER_INFO
2010-03-29 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_perl-090128.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_perl-090128.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-700-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-700-2.nasl - Type : ACT_GATHER_INFO
2008-12-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1678.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:28:01
  • Multiple Updates