CVE-2011-0761 – Perl 5.10 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-0761
Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call. Perl v5.10.x permite a atacantes dependientes de contexto provocar una denegación del servicio (desreferencia a un puntero NULL y bloqueo de la aplicación) elevando una habilidad para inyectar argumentos en una llamada a la función (1) "getpeername", (2) "readdir", (3) "closedir", (4) "getsockname", (5) "rewinddir", (6) "tell", o (7) "telldir". • https://www.exploit-db.com/exploits/35725 http://securityreason.com/securityalert/8248 http://securitytracker.com/id?1025507 http://www.securityfocus.com/archive/1/517916/100/0/threaded http://www.securityfocus.com/bid/47766 http://www.toucan-system.com/advisories/tssa-2011-03.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/67355 •
CVE-2011-1487 – Perl 5.x - 'lc()' / 'uc()' TAINT Mode Protection Security Bypass
https://notcve.org/view.php?id=CVE-2011-1487
The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. Las funciones (1) lc, (2) lcfirst, (3) uc, y (4) ucfirst en Perl v5.10.x, v5.11.x, y v5.12.x hasta v5.12.3, y v5.13.x hasta v5.13.11, no aplica el atributo taint para devolver el valor sobre el proceso de entrada tainted, lo que puede permitir a atacantes dependientes del contexto evitar el mecanismo de protección de taint a través de una cadena manipulada. • https://www.exploit-db.com/exploits/35554 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://openwall.com/lists/oss-security/2011/04/01/3 http://openwall.com/lists/oss-security/2011/04/04/35 http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99 http://rt.perl.org/rt3/Publ • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-5302 – perl: File:: Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
https://notcve.org/view.php?id=CVE-2008-5302
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions. Condición de carrera en la función rmtree de File::Path 1.08 y 2.07 (lib/File/Path.pm) en Perl 5.8.8 y 5.10.0 permite a usuarios locales crear binarios setuid arbitrarios a través de un ataque por enlace simbólico. Se trata de una vulnerabilidad diferente que CVE-2005-0448, CVE-2004-0452 y CVE-2008-2827. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286905 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922#36 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://secunia.com/advisories/32980 http://secunia.com/advisories/33314 http://secunia.com • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2008-2827 – Perl - 'rmtree()' Function Local Insecure Permissions
https://notcve.org/view.php?id=CVE-2008-2827
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452. La función rmtree en lib/File/Path.pm de Perl 5.10 no comprueba correctamente los permisos antes de realizar chmod, lo que permite a usuarios locales modificar los permisos de archivos de su elección mediante un ataque de enlaces simbólicos, una vulnerabilidad distinta a CVE-2005-0448 y CVE-2004-0452. • https://www.exploit-db.com/exploits/31959 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://rt.cpan.org/Public/Bug/Display.html?id=36982 http://secunia.com/advisories/30790 http://secunia.com/advisories/30837 http://secunia.com/advisories/31687 http://www.mandriva.com/security/advisories?name=MDVSA-2008:165 http://www.securityfocus.com/bid/29902 http://www.securitytracker.com/id?1020373 h • CWE-264: Permissions, Privileges, and Access Controls •