Lucene search
K

29 matches found

CVE
CVE
added 2008/06/23 7:0 p.m.70 views

CVE-2008-2827

CVE-2008-2827 involves the rmtree function in File::Path.pm of Perl 5.10. The description indicates a permissions check flaw before performing chmod, enabling local users to modify the permissions of arbitrary files via a symlink attack. This is a race-condition/permissions bug in the rmtree path...

4.6CVSS5.8AI score0.0085EPSS
Exploits2References11Affected Software1
Debian CVE
Debian CVE
added 2008/06/23 7:0 p.m.32 views

CVE-2008-2827

The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452...

4.6CVSS6.1AI score0.0085EPSS
Exploits2
exploitpack
exploitpack
added 2008/06/23 12:0 a.m.12 views

Perl - rmtree() Function Local Insecure Permissions

Perl - rmtree Function Local Insecure Permissions source: https://www.securityfocus.com/bid/29902/info Computers running Perl are prone to a local vulnerability that occurs when handling symbolic links. Attackers can leverage this issue to change the permissions of arbitrary files. Perl 5.10.0 is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/23 12:0 a.m.22 views

Perl - 'rmtree()' Function Local Insecure Permissions

source: https://www.securityfocus.com/bid/29902/info Computers running Perl are prone to a local vulnerability that occurs when handling symbolic links. Attackers can leverage this issue to change the permissions of arbitrary files. Perl 5.10.0 is vulnerable; other versions may also be affected. ...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.23 views

Ubuntu 4.10 : perl vulnerability (USN-94-1)

Paul Szabo discovered another vulnerability in the rmtree function in File::Path.pm. While a process running as root or another user was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had...

1.2CVSS8.1AI score0.00387EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2005/12/20 3:0 p.m.5 views

security flaw

Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452...

1.2CVSS7.4AI score0.00387EPSS
Exploits0References4
NVD
NVD
added 2005/05/02 4:0 a.m.23 views

CVE-2005-0448

Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452...

1.2CVSS5.9AI score0.00387EPSS
Exploits0References18
Ubuntu
Ubuntu
added 2005/03/09 9:31 p.m.64 views

USN-94-1: Perl vulnerability

Paul Szabo discovered another vulnerability in the rmtree function in File::Path.pm. While a process running as root or another user was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had...

1.2CVSS8.2AI score0.00387EPSS
Exploits0
CVE
CVE
added 2004/12/31 5:0 a.m.91 views

CVE-2004-0452

CVE-2004-0452 : Race condition in File::Path::rmtree in Perl 5.6.1 and 5.8.4 sets world-write permissions, enabling local users to delete arbitrary files/directories and potentially read them via a symlink attack. This is tied to the Perl File::Path module and the rmtree operation. No explicit fi...

2.6CVSS5.9AI score0.00406EPSS
Exploits0References14Affected Software1
Rows per page
Query Builder