Executive Summary
Summary | |
---|---|
Title | Perl: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201311-17 | First vendor Publication | 2013-11-28 |
Vendor | Gentoo | Last vendor Modification | 2013-11-28 |
Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.9 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities were found in Perl, the worst of which could allow a local attacker to cause a Denial of Service condition. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201311-17.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201311-17.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-362 | Race Condition |
25 % | CWE-264 | Permissions, Privileges, and Access Controls |
25 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11076 | |||
Oval ID: | oval:org.mitre.oval:def:11076 | ||
Title: | Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions. | ||
Description: | Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5302 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13047 | |||
Oval ID: | oval:org.mitre.oval:def:13047 | ||
Title: | DSA-2265-1 perl -- lack of tainted flag propagation | ||
Description: | Mark Martinec discovered that Perl incorrectly clears the tainted flag on values returned by case conversion functions such as "lc". This may expose preexisting vulnerabilities in applications which use these functions while processing untrusted input. No such applications are known at this stage. Such applications will cease to work when this security update is applied because taint checks are designed to prevent such unsafe use of untrusted input data. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2265-1 CVE-2011-1487 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | perl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13257 | |||
Oval ID: | oval:org.mitre.oval:def:13257 | ||
Title: | USN-700-2 -- perl regression | ||
Description: | USN-700-1 fixed vulnerabilities in Perl. Due to problems with the Ubuntu 8.04 build, some Perl .ph files were missing from the resulting update. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. If a user or automated system were tricked into opening a specially crafted tar file, a remote attacker could over-write arbitrary files. Tavis Ormandy and Will Drewry discovered that Perl did not correctly handle certain utf8 characters in regular expressions. If a user or automated system were tricked into using a specially crafted expression, a remote attacker could crash the application, leading to a denial of service. Ubuntu 8.10 was not affected by this issue. A race condition was discovered in the File::Path Perl module�s rmtree function. If a local attacker successfully raced another user�s call of rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06 and 8.10 were not affected by this issue. A race condition was discovered in the File::Path Perl module�s rmtree function. If a local attacker successfully raced another user�s call of rmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected by this issue | ||
Family: | unix | Class: | patch |
Reference(s): | USN-700-2 CVE-2007-4829 CVE-2008-1927 CVE-2008-5302 CVE-2008-5303 | Version: | 5 |
Platform(s): | Ubuntu 8.04 | Product(s): | perl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13932 | |||
Oval ID: | oval:org.mitre.oval:def:13932 | ||
Title: | USN-1129-1 -- perl vulnerabilities | ||
Description: | perl: Larry Wall�s Practical Extraction and Report Language An attacker could send crafted input to Perl and bypass intended restrictions. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1129-1 CVE-2010-1168 CVE-2010-1447 CVE-2010-2761 CVE-2010-4411 CVE-2010-4410 CVE-2011-1487 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.10 Ubuntu 6.06 Ubuntu 10.04 | Product(s): | perl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21014 | |||
Oval ID: | oval:org.mitre.oval:def:21014 | ||
Title: | USN-700-1 -- libarchive-tar-perl, perl vulnerabilities | ||
Description: | Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-700-1 CVE-2007-4829 CVE-2008-1927 CVE-2008-5302 CVE-2008-5303 | Version: | 5 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | libarchive-tar-perl perl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28121 | |||
Oval ID: | oval:org.mitre.oval:def:28121 | ||
Title: | DEPRECATED: ELSA-2010-0458 -- perl security update (moderate) | ||
Description: | [4:5.8.8-32.el5.1] - third version of patch fix change of behaviour of rmtree for common user - Resolves: rhbz#597203 [4:5.8.8-32.el5] - rhbz#595416 change documentation of File::Path - Related: rhbz#591167 [4:5.8.8-31.el5] - remove previous fix - Related: rhbz#591167 [4:5.8.8-30.el5] - change config to file on Util.so - Related: rhbz#594406 [4:5.8.8-29.el5] - CVE-2008-5302 - use latest patch without Cwd module - 507378 because of our paths we need to overload old Util.so in case customer installed Scalar::Util from cpan. In this case we marked new Util.so as .rpmnew. - Related: rhbz#591167 - Resolves: rhbz#594406 [4:5.8.8-28.el5] - CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1 - CVE-2010-1168 perl Safe: Intended restriction bypass via object references - CVE-2010-1447 Safe 2.26 and earlier: Intended restriction bypass via Perl object references in code executed outside safe compartment - Related: rhbz#591167 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0458 CVE-2010-1168 CVE-2010-1447 CVE-2008-5302 CVE-2008-5303 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | perl |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6680 | |||
Oval ID: | oval:org.mitre.oval:def:6680 | ||
Title: | VMware ESX,Service Console update for perl. | ||
Description: | Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5303 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6890 | |||
Oval ID: | oval:org.mitre.oval:def:6890 | ||
Title: | VMware ESX,Service Console update for perl. | ||
Description: | Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5302 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9699 | |||
Oval ID: | oval:org.mitre.oval:def:9699 | ||
Title: | Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions. | ||
Description: | Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5303 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-09 | Name : RedHat Update for perl RHSA-2011:0558-01 File : nvt/gb_RHSA-2011_0558-01_perl.nasl |
2011-08-09 | Name : CentOS Update for perl CESA-2010:0458 centos5 i386 File : nvt/gb_CESA-2010_0458_perl_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2265-1 (perl) File : nvt/deb_2265_1.nasl |
2011-05-23 | Name : Mandriva Update for perl MDVSA-2011:091 (perl) File : nvt/gb_mandriva_MDVSA_2011_091.nasl |
2011-05-23 | Name : Perl Denial of Service Vulnerability (Windows) File : nvt/gb_perl_dos_vuln_win.nasl |
2011-05-10 | Name : Ubuntu Update for perl USN-1129-1 File : nvt/gb_ubuntu_USN_1129_1.nasl |
2011-04-29 | Name : Fedora Update for perl FEDORA-2011-4918 File : nvt/gb_fedora_2011_4918_perl_fc13.nasl |
2011-04-22 | Name : Perl Laundering Security Bypass Vulnerability (Windows) File : nvt/gb_perl_sec_bypass_vuln.nasl |
2011-04-19 | Name : Fedora Update for perl FEDORA-2011-4610 File : nvt/gb_fedora_2011_4610_perl_fc14.nasl |
2010-06-15 | Name : Mandriva Update for perl MDVSA-2010:116 (perl) File : nvt/gb_mandriva_MDVSA_2010_116.nasl |
2010-06-11 | Name : RedHat Update for perl RHSA-2010:0458-02 File : nvt/gb_RHSA-2010_0458-02_perl.nasl |
2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl |
2010-04-16 | Name : Mandriva Update for timezone MDVA-2010:116 (timezone) File : nvt/gb_mandriva_MDVA_2010_116.nasl |
2009-06-05 | Name : Ubuntu USN-698-1 (nagios) File : nvt/ubuntu_698_1.nasl |
2009-02-18 | Name : SuSE Security Summary SUSE-SR:2009:004 File : nvt/suse_sr_2009_004.nasl |
2009-01-20 | Name : Ubuntu USN-700-2 (perl) File : nvt/ubuntu_700_2.nasl |
2008-12-29 | Name : Debian Security Advisory DSA 1678-2 (perl) File : nvt/deb_1678_2.nasl |
2008-12-29 | Name : Ubuntu USN-700-1 (perl) File : nvt/ubuntu_700_1.nasl |
2008-12-10 | Name : Debian Security Advisory DSA 1678-1 (perl) File : nvt/deb_1678_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75047 | Perl Multiple Function Taint Protection Mechanism Bypass |
74175 | Perl Multiple Function Call Argument Injection NULL Dereference DoS |
64082 | Perl RegEx String Handling Overflow DoS |
50446 | Perl File::Path (lib/File/Path.pm) rmtree Function Symlink Arbitrary File Del... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0013_remote.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_perl-58_20131015.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_perl-110506.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_perl-110506.nasl - Type : ACT_GATHER_INFO |
2013-11-29 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201311-17.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0458.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110519_perl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100607_perl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_perl-7507.nasl - Type : ACT_GATHER_INFO |
2011-06-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2265.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1129-1.nasl - Type : ACT_GATHER_INFO |
2011-05-20 | Name : The remote host is missing the patch for the advisory RHSA-2011-0558 File : redhat-RHSA-2011-0558.nasl - Type : ACT_GATHER_INFO |
2011-05-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-091.nasl - Type : ACT_GATHER_INFO |
2011-05-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_perl-110506.nasl - Type : ACT_GATHER_INFO |
2011-05-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_perl-7508.nasl - Type : ACT_GATHER_INFO |
2011-05-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_perl-110506.nasl - Type : ACT_GATHER_INFO |
2011-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4918.nasl - Type : ACT_GATHER_INFO |
2011-04-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4631.nasl - Type : ACT_GATHER_INFO |
2011-04-14 | Name : The remote Fedora host is missing a security update. File : fedora_2011-4610.nasl - Type : ACT_GATHER_INFO |
2010-09-02 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0013.nasl - Type : ACT_GATHER_INFO |
2010-06-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-116.nasl - Type : ACT_GATHER_INFO |
2010-06-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0458.nasl - Type : ACT_GATHER_INFO |
2010-06-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0458.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_perl-090128.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_perl-090128.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-700-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-700-2.nasl - Type : ACT_GATHER_INFO |
2008-12-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1678.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:37:55 |
|
2013-11-28 13:18:21 |
|