22 matches found
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal via the ToolConfigModel tool and config name handling in the Ruby and Python models. An attacker can write or delete arbitrary files within the shared /plugins directory by supplying tool or config names containi...
EUVD-2017-0727
Malware in sbrugna...
EUVD-2017-0728
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-0374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working...
Linux Distros Unpatched Vulnerability : CVE-2017-0373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig- model-perl before 2.102 has a dangerous use lib line, whi...
Config-Model Security Bypass Vulnerability
Config-Model aka libconfig-model-perl is an open source tool for validating, migrating or editing configuration files, which can support a variety of user interfaces such as graphical and interactive commands. A security bypass vulnerability exists in the genclasspod implementation of the...
Config-Model Local Elevation of Privilege Vulnerability
Config-Model aka libconfig-model-perl is an open source tool for validating, migrating or editing configuration files, which can support a variety of user interfaces such as graphical and interactive commands. A security vulnerability exists in the lib/Config/Model.pm file in versions of...
UBUNTU-CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
CVE-2017-0374
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
CVE-2017-0374
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
DEBIAN-CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
Design/Logic Flaw
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
UBUNTU-CVE-2017-0374
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
Code injection
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
CVE-2017-0374
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
DEBIAN-CVE-2017-0374
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
CVE-2017-0374
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...