Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24209
HistoryApr 10, 2020 - 12:49 a.m.

Denial Of Service (DoS)

2020-04-1000:49:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13

EPSS

0

Percentile

10.1%

Perl is vulnerable to Denial Of Service (DoS).Due to race conditions occured in the way the File::Path moduleโ€™s rmtree function removed directory trees, a malicious, local user with write access to a directory being removed by a victim, running a Perl script using rmtree, could cause the permissions of arbitrary files to be changed to world-writable and setuid, or delete arbitrary files via a symbolic link attack, if the victim had the privileges to change the permissions of the target files or to remove them.

References