Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-2827HistoryJun 23, 2008 - 7:41 p.m.
CVE-2008-2827
2008-06-2319:41:00
Debian Security Bug Tracker
security-tracker.debian.org
12
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.0%
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | perl | < 5.10.0-11 | perl_5.10.0-11_all.deb |
| Debian | 11 | all | perl | < 5.10.0-11 | perl_5.10.0-11_all.deb |
| Debian | 10 | all | perl | < 5.10.0-11 | perl_5.10.0-11_all.deb |
| Debian | 999 | all | perl | < 5.10.0-11 | perl_5.10.0-11_all.deb |
| Debian | 13 | all | perl | < 5.10.0-11 | perl_5.10.0-11_all.deb |
Related
cve
cve
prion
prion
Design/Logic Flaw
2008-06-23 19:41:00
Race condition
2008-12-01 17:30:00
Race condition
2008-12-01 17:30:00
ubuntucve
ubuntucve
openvas
openvas
FreeBSD Ports: p5-File-Path
2009-01-07 00:00:00
FreeBSD Ports: perl
2009-02-13 00:00:00
FreeBSD Ports: perl
2009-02-13 00:00:00
osv
osv
perl - privilege escalation
2008-12-03 00:00:00
perl - design flaw
2005-03-22 00:00:00
perl - insecure temporary files / directories
2004-12-30 00:00:00
debiancve
debiancve
gentoo
gentoo
Perl: rmtree and DBI tmpfile vulnerabilities
2005-01-26 00:00:00
nessus
nessus
GLSA-200501-38 : Perl: rmtree and DBI tmpfile vulnerabilities
2005-02-14 00:00:00
Debian DSA-1678-1 : perl - design flaws
2008-12-04 00:00:00
Fedora 9 : perl-5.10.0-27.fc9 (2008-5739)
2008-07-02 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-04 00:00:00
Perl symbolic links race conditions
2008-12-04 00:00:00
debian
debian
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-03 06:15:24
[SECURITY] [DSA 696-1] New perl packages fix privilege escalation
2005-03-22 10:56:32
[SECURITY] [DSA 696-1] New perl packages fix privilege escalation
2005-03-22 10:56:32
fedora
fedora
[SECURITY] Fedora 9 Update: perl-5.10.0-27.fc9
2008-07-26 05:55:48
[SECURITY] Fedora 9 Update: perl-5.10.0-27.fc9
2008-06-26 08:33:28
[SECURITY] Fedora 10 Update: perl-5.10.0-73.fc10
2009-07-16 07:33:06
ubuntu
ubuntu
perl information leak
2004-12-21 00:00:00
Perl vulnerability
2005-03-09 00:00:00
freebsd
freebsd
perl -- File::Path insecure file/directory permissions
2004-12-30 00:00:00
p5-File-Path -- rmtree allows creation of setuid files
2008-11-28 00:00:00
perl -- Directory Permissions Race Condition
2005-03-09 00:00:00
seebug
seebug
Perl rmtree()函数本地不安全权限漏洞
2008-06-25 00:00:00
redhat
redhat
(RHSA-2005:674) perl security update
2005-10-05 00:00:00
(RHSA-2005:881) perl security update
2005-12-20 00:00:00
(RHSA-2005:105) perl security update
2005-02-07 00:00:00
centos
centos
perl security update
2005-10-05 16:18:28
perl security update
2005-12-20 23:33:21
oraclelinux
oraclelinux
perl security update
2010-06-07 00:00:00
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.0%
Related for DEBIANCVE:CVE-2008-2827