19 matches found
SUSE CVE-2008-5302
Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...
CentOS 4 : perl (CESA-2005:674)
Updated Perl packages that fix security issues and contain several bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system...
FreeBSD : perl -- Directory Permissions Race Condition (4a99d61c-f23a-11dd-9f55-0030843d3802)
Secunia reports : Paul Szabo has reported a vulnerability in Perl File::Path::rmtree, which potentially can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a race condition in the way File::Path::rmtree handles directory permissions when...
Debian Security Advisory DSA 1678-2 (perl)
The remote host is missing an update to perl announced via advisory DSA 1678-2. OpenVAS Vulnerability Test $Id: deb16782.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1678-2 perl Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
[SECURITY] [DSA 1678-2] New perl packages fix regression
------------------------------------------------------------------------ Debian Security Advisory DSA-1678-2 [email protected] http://www.debian.org/security/ Florian Weimer December 21, 2008 http://www.debian.org/security/faq -...
Debian DSA-1678-1 : perl - design flaws
Paul Szabo rediscovered a vulnerability in the File::Path::rmtree function of Perl. It was possible to exploit a race condition to create setuid binaries in a directory tree or remove arbitrary files when a process is deleting this tree. This issue was originally known as CVE-2005-0448 and...
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
------------------------------------------------------------------------ Debian Security Advisory DSA-1678-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 03, 2008 http://www.debian.org/security/faq -...
DEBIAN-CVE-2008-5302
Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...
Gentoo Security Advisory GLSA 200501-38 (Perl)
The remote host is missing updates announced in advisory GLSA 200501-38. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200501-38 (Perl)
The remote host is missing updates announced in advisory GLSA 200501-38. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 3 : perl (CESA-2005:881)
Updated Perl packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilitie...
Ubuntu 4.10 : perl vulnerabilities (USN-44-1)
A race condition and possible information leak has been discovered in Perl's File::Path::rmtree. This function changes the permission of files and directories before removing them to avoid problems with wrong permissions. However, they were made readable and writable not only for the owner, but f...
perl security update
CentOS Errata and Security Advisory CESA-2005:881 Updated Perl packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Perl is a high-level programming languag...
perl security update
CentOS Errata and Security Advisory CESA-2005:674 Updated Perl packages that fix security issues and contain several bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Perl is a high-level...
Low: Red Hat Security Advisory: perl security update
Updated Perl packages that fix security issues and contain several bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system...
Fedora Core 3 : perl-5.8.5-14.FC3 (2005-600)
Paul Szabo discovered another vulnerability in the File::Path::rmtree function of perl, the popular scripting language. When a process is deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write...
Debian DSA-696-1 : perl - design flaw
Paul Szabo discovered another vulnerability in the File::Path::rmtree function of perl, the popular scripting language. When a process is deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write...
DSA-696-1 perl - design flaw
Bulletin has no description...
[SA13643] Perl "File::Path::rmtree" Race Condition
TITLE: Perl "File::Path::rmtree" Race Condition SECUNIA ADVISORY ID: SA13643 VERIFY ADVISORY: http://secunia.com/advisories/13643/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Perl 5.x http://secunia.com/product/2647/ DESCRIPTION: Paul Szabo has reported a...