Lucene search
RootSSV:60094HistoryMay 04, 2012 - 12:00 a.m.
Perl Config::IniFiles Module不安全临时文件创建漏洞
2012-05-0400:00:00
Root
www.seebug.org
18
0.0004 Low
EPSS
Percentile
5.7%
BUGTRAQ ID: 53361
CVE ID: CVE-2012-2451
Perl是一种高级、通用、直译式、动态的程序语言。
Perl的Config::IniFiles模块中存在安全漏洞,应用使用临时文件的方式不安全,可被恶意本地用户利用通过符号链接攻击以提升的权限执行某些操作,例如覆盖任意文件。
0
Perl Config::IniFiles 2.7
厂商补丁:
Perl
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
nessus
nessus
Fedora 17 : perl-Config-IniFiles-2.72-1.fc17 (2012-7763)
2012-05-29 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libconfig-inifiles-perl vulnerability (USN-1543-1)
2012-08-21 00:00:00
GLSA-201208-05 : Perl Config-IniFiles Module: Insecure temporary file usage
2012-08-15 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: perl-Config-IniFiles-2.72-1.fc17
2012-05-26 08:05:05
[SECURITY] Fedora 16 Update: perl-Config-IniFiles-2.72-1.fc16
2012-05-22 02:26:12
[SECURITY] Fedora 15 Update: perl-Config-IniFiles-2.72-1.fc15
2012-05-22 02:25:07
openvas
openvas
Ubuntu Update for libconfig-inifiles-perl USN-1543-1
2012-08-21 00:00:00
Fedora Update for perl-Config-IniFiles FEDORA-2012-7777
2012-05-22 00:00:00
Fedora Update for perl-Config-IniFiles FEDORA-2012-7777
2012-05-22 00:00:00
gentoo
gentoo
Perl Config-IniFiles Module: Insecure temporary file usage
2012-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2012-2451
2012-06-27 00:00:00
freebsd
freebsd
p5-Config-IniFiles -- unsafe temporary file creation
2012-05-02 00:00:00
cve
cve
CVE-2012-2451
2012-06-27 21:55:00
securityvulns
securityvulns
[USN-1543-1] Config-IniFiles vulnerability
2012-09-03 00:00:00
Config::IniFiles symbolic links vulnerability
2012-09-03 00:00:00
ubuntu
ubuntu
Config-IniFiles vulnerability
2012-08-20 00:00:00
prion
prion
Cross site scripting
2012-06-27 21:55:00
cvelist
cvelist
CVE-2012-2451
2012-06-27 21:00:00
debiancve
debiancve
CVE-2012-2451
2012-06-27 21:55:00