Oracle Solaris Third-Party Patch Update for perl-58 (CVE-2012-6329) Code Injectio
Reporter | Title | Published | Views | Family All 105 |
---|---|---|---|---|
![]() | TWiki 5.1.2 Command Execution Vulnerability | 15 Dec 201200:00 | – | zdt |
![]() | TWiki MAKETEXT Remote Command Execution Vulnerability | 23 Dec 201200:00 | – | zdt |
![]() | Foswiki MAKETEXT Remote Command Execution Vulnerability | 23 Dec 201200:00 | – | zdt |
![]() | Foswiki 1.0.10 / 1.1.6 Code Injection / Denial Of Service | 18 Dec 201200:00 | – | zdt |
![]() | Foswiki MAKETEXT 1.1.7 / 1.0.10 Code Execution Vulnerability | 20 Feb 201300:00 | – | zdt |
![]() | Perl vulnerability | 5 Feb 201400:00 | – | ubuntu |
![]() | GLSA-201410-02 : Perl, Perl Locale-Maketext module: Multiple vulnerabilities | 13 Oct 201400:00 | – | nessus |
![]() | Fedora 16 : perl-5.14.3-205.fc16 (2013-0633) | 25 Jan 201300:00 | – | nessus |
![]() | AIX Perl Advisory : perl_advisory4.asc | 28 Apr 201400:00 | – | nessus |
![]() | Ubuntu 10.04 LTS / 12.04 LTS / 12.10 : perl vulnerability (USN-2099-1) | 6 Feb 201400:00 | – | nessus |
Source | Link |
---|---|
nessus | www.nessus.org/u |
nessus | www.nessus.org/u |
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Oracle Third Party software advisories.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(80730);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2012-6329");
script_name(english:"Oracle Solaris Third-Party Patch Update : perl-58 (cve_2012_6329_code_injection1)");
script_summary(english:"Check for the 'entire' version.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Solaris system is missing a security patch for third-party
software."
);
script_set_attribute(
attribute:"description",
value:
"The remote Solaris system is missing necessary patches to address
security updates :
- The _compile function in Maketext.pm in the
Locale::Maketext implementation in Perl before 5.17.7
does not properly handle backslashes and fully qualified
method names during compilation of bracket notation,
which allows context-dependent attackers to execute
arbitrary commands via crafted input to an application
that accepts translation strings from users, as
demonstrated by the TWiki application before 5.1.3, and
the Foswiki application 1.0.x through 1.0.10 and 1.1.x
through 1.1.6. (CVE-2012-6329)"
);
# https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?4a913f44"
);
# https://blogs.oracle.com/sunsecurity/cve-2012-6329-code-injection-vulnerability-in-perl-58
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?7f277a95"
);
script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11.1.7.5.0.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"d2_elliot_name", value:"TWiki 5.1.2 RCE");
script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:perl-58");
script_set_attribute(attribute:"patch_publication_date", value:"2013/07/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Solaris11/release");
if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
pkg_list = solaris_pkg_list_leaves();
if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");
if (empty_or_null(egrep(string:pkg_list, pattern:"^perl-58$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-58");
flag = 0;
if (solaris_check_release(release:"0.5.11-0.175.1.7.0.5.0", sru:"SRU 11.1.7.5.0") > 0) flag++;
if (flag)
{
error_extra = 'Affected package : perl-58\n' + solaris_get_report2();
error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
if (report_verbosity > 0) security_hole(port:0, extra:error_extra);
else security_hole(0);
exit(0);
}
else audit(AUDIT_PACKAGE_NOT_AFFECTED, "perl-58");
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo