Lucene search
Ubuntu.comUB:CVE-2013-2145HistoryJun 06, 2013 - 12:00 a.m.
CVE-2013-2145
2013-06-0600:00:00
ubuntu.com
ubuntu.com
6
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
41.0%
The cpansign verify functionality in the Module::Signature module before
0.72 for Perl allows attackers to bypass the signature check and execute
arbitrary code via a SIGNATURE file with a “special unknown cipher” that
references an untrusted module in Digest/.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | libmodule-signature-perl | < 0.68-1ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | libmodule-signature-perl | < 0.68-1ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | libmodule-signature-perl | < 0.68-1ubuntu0.13.04.1 | UNKNOWN |
Related
openvas
openvas
Fedora Update for perl-Module-Signature FEDORA-2013-10430
2013-06-18 00:00:00
Ubuntu Update for libmodule-signature-perl USN-1896-1
2013-07-05 00:00:00
Mageia: Security Advisory (MGASA-2013-0184)
2022-01-28 00:00:00
debiancve
debiancve
CVE-2013-2145
2013-08-19 23:55:00
gentoo
gentoo
Perl Module-Signature module: Arbitrary code execution
2013-10-04 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: perl-Module-Signature-0.73-1.fc17
2013-06-18 01:35:48
[SECURITY] Fedora 18 Update: perl-Module-Signature-0.73-1.fc18
2013-06-18 01:32:55
[SECURITY] Fedora 19 Update: perl-Module-Signature-0.73-1.fc19
2013-06-16 06:13:47
nessus
nessus
Fedora 19 : perl-Module-Signature-0.73-1.fc19 (2013-10354)
2013-07-12 00:00:00
Fedora 17 : perl-Module-Signature-0.73-1.fc17 (2013-10415)
2013-07-12 00:00:00
ubuntu
ubuntu
Module::Signature perl module vulnerability
2013-07-03 00:00:00
prion
prion
Design/Logic Flaw
2013-08-19 23:55:00
securityvulns
securityvulns
perl Module::Signature privilege escalation
2013-07-08 00:00:00
[USN-1896-1] Module::Signature perl module vulnerability
2013-07-08 00:00:00
mageia
mageia
Updated perl-Module-Signature package fixes CVE-2013-2145
2013-06-26 22:12:25
cve
cve
CVE-2013-2145
2013-08-19 23:55:00
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
41.0%
Related for UB:CVE-2013-2145