Lucene search
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2005-079.NASLHistoryMay 02, 2005 - 12:00 a.m.
Mandrake Linux Security Advisory : perl (MDKSA-2005:079)
2005-05-0200:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
12
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
26.5%
Paul Szabo discovered another vulnerability in the rmtree() function in File::Path.pm. While a process running as root (or another user) was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write permissions in any subdirectory of that tree.
The provided packages have been patched to resolve this problem.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2005:079.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(18172);
script_version("1.18");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2005-0448");
script_xref(name:"MDKSA", value:"2005:079");
script_name(english:"Mandrake Linux Security Advisory : perl (MDKSA-2005:079)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandrake Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Paul Szabo discovered another vulnerability in the rmtree() function
in File::Path.pm. While a process running as root (or another user)
was busy deleting a directory tree, a different user could exploit a
race condition to create setuid binaries in this directory tree,
provided that he already had write permissions in any subdirectory of
that tree.
The provided packages have been patched to resolve this problem."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-doc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:mandrakesoft:mandrake_linux:le2005");
script_set_attribute(attribute:"patch_publication_date", value:"2005/04/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/05/02");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK10.0", reference:"perl-5.8.3-5.4.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"perl-base-5.8.3-5.4.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"perl-devel-5.8.3-5.4.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"perl-doc-5.8.3-5.4.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"perl-5.8.5-3.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"perl-base-5.8.5-3.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"perl-devel-5.8.5-3.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"perl-doc-5.8.5-3.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"perl-5.8.6-6.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"perl-base-5.8.6-6.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"perl-devel-5.8.6-6.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"perl-doc-5.8.6-6.1.102mdk", yank:"mdk")) flag++;
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | perl | p-cpe:/a:mandriva:linux:perl |
| mandriva | linux | perl-base | p-cpe:/a:mandriva:linux:perl-base |
| mandriva | linux | perl-devel | p-cpe:/a:mandriva:linux:perl-devel |
| mandriva | linux | perl-doc | p-cpe:/a:mandriva:linux:perl-doc |
| mandrakesoft | mandrake_linux | 10.0 | cpe:/o:mandrakesoft:mandrake_linux:10.0 |
| mandrakesoft | mandrake_linux | 10.1 | cpe:/o:mandrakesoft:mandrake_linux:10.1 |
| mandrakesoft | mandrake_linux | le2005 | x-cpe:/o:mandrakesoft:mandrake_linux:le2005 |
Related
debian
debian
[SECURITY] [DSA 696-1] New perl packages fix privilege escalation
2005-03-22 10:56:32
[SECURITY] [DSA 696-1] New perl packages fix privilege escalation
2005-03-22 10:56:32
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-03 06:15:24
freebsd
freebsd
p5-File-Path -- rmtree allows creation of setuid files
2008-11-28 00:00:00
perl -- Directory Permissions Race Condition
2005-03-09 00:00:00
ubuntu
ubuntu
Perl vulnerability
2005-03-09 00:00:00
nessus
nessus
FreeBSD : perl -- Directory Permissions Race Condition (4a99d61c-f23a-11dd-9f55-0030843d3802)
2009-02-04 00:00:00
FreeBSD : p5-File-Path -- rmtree allows creation of setuid files (13b0c8c8-bee0-11dd-a708-001fc66e7203)
2009-01-05 00:00:00
CentOS 4 : perl (CESA-2005:674)
2013-06-29 00:00:00
redhat
redhat
(RHSA-2005:674) perl security update
2005-10-05 00:00:00
(RHSA-2005:881) perl security update
2005-12-20 00:00:00
osv
osv
perl - design flaw
2005-03-22 00:00:00
perl - privilege escalation
2008-12-03 00:00:00
centos
centos
perl security update
2005-10-05 16:18:28
perl security update
2005-12-20 23:33:21
openvas
openvas
Ubuntu: Security Advisory (USN-94-1)
2022-08-26 00:00:00
Debian: Security Advisory (DSA-696-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 696-1 (perl)
2008-01-17 00:00:00
nvd
nvd
cve
cve
ubuntucve
ubuntucve
cvelist
cvelist
debiancve
debiancve
gentoo
gentoo
Perl: rmtree and DBI tmpfile vulnerabilities
2005-01-26 00:00:00
prion
prion
Design/Logic Flaw
2008-06-23 19:41:00
Race condition
2008-12-01 17:30:00
Race condition
2008-12-01 17:30:00
securityvulns
securityvulns
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-04 00:00:00
Perl symbolic links race conditions
2008-12-04 00:00:00
oraclelinux
oraclelinux
perl security update
2010-06-07 00:00:00
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
26.5%
Related for MANDRAKE_MDKSA-2005-079.NASL