Executive Summary

Summary
Title Perl Safe module: Arbitrary Perl code injection
Informations
Name GLSA-201111-09 First vendor Publication 2011-11-20
Vendor Gentoo Last vendor Modification 2011-11-20
Severity (Vendor) Normal Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

The Safe module for Perl does not properly restrict code, allowing a remote attacker to execute arbitrary Perl code outside of a restricted compartment.

Background

Safe is a Perl module to compile and execute code in restricted compartments.

Description

Unsafe code evaluation prevents the Safe module from properly restricting the code of implicitly called methods on implicitly blessed objects.

Impact

A remote attacker could entice a user to load a specially crafted Perl script, resulting in execution arbitrary Perl code outside of a restricted compartment.

Workaround

There is no known workaround at this time.

Resolution

All users of the standalone Perl Safe module should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=perl-core/Safe-2.27"

All users of the Safe module bundled with Perl should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=virtual/perl-Safe-2.27"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since July 18, 2010. It is likely that your system is already no longer affected by this issue.

References

[ 1 ] CVE-2010-1168 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1168

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201111-09.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201111-09.xml

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:7424
 
Oval ID: oval:org.mitre.oval:def:7424
Title: VMware ESX,Service Console update for perl.
Description: The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods."
Family: unix Class: vulnerability
Reference(s): CVE-2010-1168
Version: 5
Platform(s): VMWare ESX Server 3.5
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9807
 
Oval ID: oval:org.mitre.oval:def:9807
Title: The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods."
Description: The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods."
Family: unix Class: vulnerability
Reference(s): CVE-2010-1168
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 15

OpenVAS Exploits

Date Description
2012-02-12 Name : Gentoo Security Advisory GLSA 201111-09 (Safe)
File : nvt/glsa_201111_09.nasl
2011-08-09 Name : CentOS Update for perl CESA-2010:0458 centos5 i386
File : nvt/gb_CESA-2010_0458_perl_centos5_i386.nasl
2011-05-10 Name : Ubuntu Update for perl USN-1129-1
File : nvt/gb_ubuntu_USN_1129_1.nasl
2011-04-29 Name : Fedora Update for perl FEDORA-2011-4918
File : nvt/gb_fedora_2011_4918_perl_fc13.nasl
2010-08-16 Name : Fedora Update for perl FEDORA-2010-11340
File : nvt/gb_fedora_2010_11340_perl_fc12.nasl
2010-08-06 Name : Fedora Update for perl FEDORA-2010-11323
File : nvt/gb_fedora_2010_11323_perl_fc13.nasl
2010-06-15 Name : Mandriva Update for perl MDVSA-2010:115 (perl)
File : nvt/gb_mandriva_MDVSA_2010_115.nasl
2010-06-15 Name : Mandriva Update for perl MDVSA-2010:116 (perl)
File : nvt/gb_mandriva_MDVSA_2010_116.nasl
2010-06-14 Name : Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities
File : nvt/gb_perl_safe_40302.nasl
2010-06-11 Name : RedHat Update for perl RHSA-2010:0457-01
File : nvt/gb_RHSA-2010_0457-01_perl.nasl
2010-06-11 Name : RedHat Update for perl RHSA-2010:0458-02
File : nvt/gb_RHSA-2010_0458-02_perl.nasl
2010-04-16 Name : Mandriva Update for tkcvs MDVA-2010:115 (tkcvs)
File : nvt/gb_mandriva_MDVA_2010_115.nasl
2010-04-16 Name : Mandriva Update for timezone MDVA-2010:116 (timezone)
File : nvt/gb_mandriva_MDVA_2010_116.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
65683 Safe Module for Perl Automagic Methods Safe::reval / Safe::rdo Access Restric...

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0013_remote.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0457.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0458.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0429.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0428.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100607_perl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100607_perl_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201111-09.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1129-1.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_perl-100730.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_perl-7108.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0013.nasl - Type : ACT_GATHER_INFO
2010-08-25 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12628.nasl - Type : ACT_GATHER_INFO
2010-08-19 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_perl-100730.nasl - Type : ACT_GATHER_INFO
2010-08-19 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_perl-100730.nasl - Type : ACT_GATHER_INFO
2010-08-14 Name : The remote Fedora host is missing a security update.
File : fedora_2010-11340.nasl - Type : ACT_GATHER_INFO
2010-08-03 Name : The remote Fedora host is missing a security update.
File : fedora_2010-11323.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0458.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-116.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-115.nasl - Type : ACT_GATHER_INFO
2010-06-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0457.nasl - Type : ACT_GATHER_INFO
2010-06-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0458.nasl - Type : ACT_GATHER_INFO
2010-06-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0429.nasl - Type : ACT_GATHER_INFO
2010-05-25 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2051.nasl - Type : ACT_GATHER_INFO
2010-05-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-942-1.nasl - Type : ACT_GATHER_INFO
2010-05-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0428.nasl - Type : ACT_GATHER_INFO
2010-05-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0429.nasl - Type : ACT_GATHER_INFO
2010-05-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0428.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:37:06
  • Multiple Updates