75 matches found
EUVD-2005-0449
Malware in sbrugna...
EUVD-2008-2820
Malware in sbrugna...
EUVD-2008-5279
Malware in sbrugna...
EUVD-2008-5280
Malware in sbrugna...
SUSE CVE-2004-0452
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack...
SUSE CVE-2005-0448
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452...
SUSE CVE-2008-2827
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452...
SUSE CVE-2008-5303
Race condition in the rmtree function in File::Path 1.08 lib/File/Path.pm in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. ...
SUSE CVE-2008-5302
Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...
Ubuntu: Security Advisory (USN-3625-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-94-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
Perl is vulnerable to Denial Of Service DoS.Due to race conditions occured in the way the File::Path module's rmtree function removed directory trees, a malicious, local user with write access to a directory being removed by a victim, running a Perl script using rmtree, could cause the permission...
EulerOS Virtualization for ARM 64 3.0.2.0 : perl-File-Path (EulerOS-SA-2020-1187)
According to the version of the perl-File-Path package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Race condition in the rmtree and removetree functions in the File-Path module before 2.13 for Perl allows attacker...
Multiple Security Bypass Vulnerabilities in File-Path Module
File-Path is a module for creating and removing directory trees. A security vulnerability exists in the 'removetree' and 'rmtree' functions in versions of the File-Path module prior to 2.13. An attacker can exploit this vulnerability to set the mode of arbitrary files...
Fedora 25 : perl-File-Path (2017-dd42592f9a)
This release fixes a possible setting arbitrary mode on an arbitrary file in rmtree and removetree calls known as CVE-2017-6512. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...
DEBIAN-CVE-2017-6512
Race condition in the rmtree and removetree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic...
UBUNTU-CVE-2017-6512
Race condition in the rmtree and removetree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic...
Perl 'rmtree()' Function Local Insecure Permissions Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29902/info Computers running Perl are prone to a local vulnerability that occurs when handling symbolic links. Attackers can leverage this issue to change the permissions of arbitrary files. Perl 5.10.0 is vulnerable; oth...
CentOS 4 : perl (CESA-2005:674)
Updated Perl packages that fix security issues and contain several bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system...
perl: File:: Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...