OSVDB ID: 11201

Title: Perl on Trustix Secure Linux Multiple Script Insecure Temporary File Creation

Info

Disclosure

Sep 30, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Multiple scripts within Perl contain a flaw that may allow a malicious user to overwrite arbitrary files with the permissions of the user running the script. The is due to the scripts' creation of world-writeable symbolic links, which an attacker can make point to any file in the filesystem. When the script uses the symlink to write data later, the newly specified file is overwritten, causing a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version 5.8.5 or higher, as it has been reported to fix the majority of these vulnerabilities. An upgrade is required as there are no known workarounds.

Products

Larry Wall	Perl	5.8.3.x
		5.8.4.x
		5.8.5

References

Bugtraq ID: 11294
Secunia Advisory ID: 12991 13388 13702 17645 17661 18075 18517
ISS X-Force ID: 17583
CVE ID: 2004-0976 (see also: NVD)
Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U.asc http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:031
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200412-04.xml
http://www.debian.org/security/2004/dsa-620
http://www.trustix.org/errata/2004/0050/
Vendor URL: http://www.perl.org/
RedHat RHSA: RHSA-2005:881
Keyword: SCOSA-2005.49

Credit

Trustix Secure Linux - Trustix Secure Linux

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Larry Wall

Perl

References

Credit