Lucene search
Ubuntu.comUB:CVE-2013-7284HistoryApr 29, 2014 - 12:00 a.m.
CVE-2013-7284
2014-04-2900:00:00
ubuntu.com
ubuntu.com
9
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.554 Medium
EPSS
Percentile
97.7%
The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable
module, which allows remote attackers to execute arbitrary code via a
crafted request, which is not properly handled when it is deserialized.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734789>
- <https://bugzilla.redhat.com/show_bug.cgi?id=1030572>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7284>
- <https://rt.cpan.org/Public/Bug/Display.html?id=90474>
Notes
| Author | Note |
|---|---|
| mdeslaur | upstream patch only adds a warning to documentation. We will not be issuing security updates to add the documentation change. |
Related
openvas
openvas
Gentoo Security Advisory GLSA 201403-08
2015-09-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2238-1)
2021-04-19 00:00:00
nessus
nessus
SUSE SLES12 Security Update : perl-PlRPC (SUSE-SU-2020:2238-1)
2020-08-18 00:00:00
RHEL 7 : perl-plrpc (Unpatched Vulnerability)
2024-06-03 00:00:00
cvelist
cvelist
CVE-2013-7284
2014-04-29 14:00:00
gentoo
gentoo
PlRPC: Arbitrary code execution
2014-03-27 00:00:00
prion
prion
Design/Logic Flaw
2014-04-29 14:38:00
nvd
nvd
CVE-2013-7284
2014-04-29 14:38:49
cve
cve
CVE-2013-7284
2014-04-29 14:38:49
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.554 Medium
EPSS
Percentile
97.7%
Related for UB:CVE-2013-7284