CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
85.4%
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger.
Vendor | Product | Version | CPE |
---|---|---|---|
paul_kulchenko | soap_lite | 0.50 | cpe:2.3:a:paul_kulchenko:soap_lite:0.50:*:*:*:*:*:*:* |
paul_kulchenko | soap_lite | 0.51 | cpe:2.3:a:paul_kulchenko:soap_lite:0.51:*:*:*:*:*:*:* |
paul_kulchenko | soap_lite | 0.52 | cpe:2.3:a:paul_kulchenko:soap_lite:0.52:*:*:*:*:*:*:* |
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02%3A02.asc
online.securityfocus.com/archive/1/267051
use.perl.org/articles/02/04/09/000212.shtml?tid=5
www.phrack.com/show.php?p=58&a=9
www.phrack.org/show.php?p=58&a=9
www.securityfocus.com/bid/4493
www.soaplite.com/
exchange.xforce.ibmcloud.com/vulnerabilities/8838