CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
97.7%
The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.
Vendor | Product | Version | CPE |
---|---|---|---|
malcolm_nooning | pirpc | * | cpe:2.3:a:malcolm_nooning:pirpc:*:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2000 | cpe:2.3:a:malcolm_nooning:pirpc:0.2000:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2001 | cpe:2.3:a:malcolm_nooning:pirpc:0.2001:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2002 | cpe:2.3:a:malcolm_nooning:pirpc:0.2002:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2003 | cpe:2.3:a:malcolm_nooning:pirpc:0.2003:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2010 | cpe:2.3:a:malcolm_nooning:pirpc:0.2010:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2011 | cpe:2.3:a:malcolm_nooning:pirpc:0.2011:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2012 | cpe:2.3:a:malcolm_nooning:pirpc:0.2012:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2013 | cpe:2.3:a:malcolm_nooning:pirpc:0.2013:*:*:*:*:perl:*:* |
malcolm_nooning | pirpc | 0.2014 | cpe:2.3:a:malcolm_nooning:pirpc:0.2014:*:*:*:*:perl:*:* |