RedHatRHSA-2005:072(RHSA-2005:072) perl-DBI security update
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.7%
DBI is a database access Application Programming Interface (API) for
the Perl programming language.
The Debian Security Audit Project discovered that the DBI library creates a
temporary PID file in an insecure manner. A local user could overwrite or
create files as a different user who happens to run an application which
uses DBI::ProxyServer. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0077 to this issue.
Users should update to this erratum package which disables the temporary
PID file unless configured.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | s390x | perl-dbi | <Â 1.40-8 | perl-DBI-1.40-8.s390x.rpm |
| RedHat | any | src | perl-dbi | <Â 1.40-8 | perl-DBI-1.40-8.src.rpm |
| RedHat | any | i386 | perl-dbi | <Â 1.40-8 | perl-DBI-1.40-8.i386.rpm |
| RedHat | any | ia64 | perl-dbi | <Â 1.40-8 | perl-DBI-1.40-8.ia64.rpm |
| RedHat | any | x86_64 | perl-dbi | <Â 1.40-8 | perl-DBI-1.40-8.x86_64.rpm |
| RedHat | any | s390 | perl-dbi | <Â 1.40-8 | perl-DBI-1.40-8.s390.rpm |
| RedHat | any | ppc | perl-dbi | <Â 1.40-8 | perl-DBI-1.40-8.ppc.rpm |
Related
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.7%