Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-0452HistoryDec 21, 2004 - 5:00 a.m.
CVE-2004-0452
2004-12-2105:00:00
Debian Security Bug Tracker
security-tracker.debian.org
7
2.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
9.4%
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | perl | < 5.8.4-5 | perl_5.8.4-5_all.deb |
| Debian | 11 | all | perl | < 5.8.4-5 | perl_5.8.4-5_all.deb |
| Debian | 10 | all | perl | < 5.8.4-5 | perl_5.8.4-5_all.deb |
| Debian | 999 | all | perl | < 5.8.4-5 | perl_5.8.4-5_all.deb |
| Debian | 13 | all | perl | < 5.8.4-5 | perl_5.8.4-5_all.deb |
Related
openvas
openvas
FreeBSD Ports: perl
2008-09-04 00:00:00
FreeBSD Ports: perl
2008-09-04 00:00:00
Ubuntu: Security Advisory (USN-44-1)
2022-08-26 00:00:00
ubuntu
ubuntu
perl information leak
2004-12-21 00:00:00
cve
cve
freebsd
freebsd
perl -- File::Path insecure file/directory permissions
2004-12-30 00:00:00
ubuntucve
ubuntucve
nessus
nessus
Ubuntu 4.10 : perl vulnerabilities (USN-44-1)
2006-01-15 00:00:00
FreeBSD : perl -- File::Path insecure file/directory permissions (c418d472-6bd1-11d9-93ca-000a95bc6fae)
2005-07-13 00:00:00
Debian DSA-620-1 : perl - insecure temporary files / directories
2005-01-02 00:00:00
osv
osv
perl - privilege escalation
2008-12-03 00:00:00
perl - insecure temporary files / directories
2004-12-30 00:00:00
debiancve
debiancve
debian
debian
[SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities
2004-12-30 16:50:22
[SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities
2004-12-30 16:50:22
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-03 06:15:24
redhat
redhat
(RHSA-2005:105) perl security update
2005-02-07 00:00:00
(RHSA-2005:103) perl security update
2005-02-15 00:00:00
gentoo
gentoo
Perl: rmtree and DBI tmpfile vulnerabilities
2005-01-26 00:00:00
prion
prion
Design/Logic Flaw
2008-06-23 19:41:00
Race condition
2008-12-01 17:30:00
Race condition
2008-12-01 17:30:00
securityvulns
securityvulns
Perl symbolic links race conditions
2008-12-04 00:00:00
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-04 00:00:00
2.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
9.4%
Related for DEBIANCVE:CVE-2004-0452