Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-620-1
HistoryDec 30, 2004 - 12:00 a.m.

perl - insecure temporary files / directories

2004-12-3000:00:00
Google
osv.dev
10

0.0004 Low

EPSS

Percentile

10.1%

JSON

Several vulnerabilities have been discovered in Perl, the popular
scripting language. The Common Vulnerabilities and Exposures project
identifies the following problems:

  • CAN-2004-0452
    Jeroen van Wolffelaar discovered that the rmtree() function in the
    File::Path module removes directory trees in an insecure manner
    which could lead to the removal of arbitrary files and directories
    through a symlink attack.

  • CAN-2004-0976
    Trustix developers discovered several insecure uses of temporary
    files in many modules which allow a local attacker to overwrite
    files via a symlink attack.

For the stable distribution (woody) these problems have been fixed in
version 5.6.1-8.8.

For the unstable distribution (sid) these problems have been fixed in
version 5.8.4-5.

We recommend that you upgrade your perl packages.

CPENameOperatorVersion
perleq5.6.1-8.7

Related

debian 3
openvas 23
nessus 14
ubuntu 2
gentoo 2
ubuntucve 6
cve 6
nvd 6
debiancve 6
cvelist 6
freebsd 1
osv 1
centos 1
redhat 3
prion 3
securityvulns 2
debian
debian
[SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities
2004-12-30 16:50:22
[SECURITY] [DSA 620-1] New perl packages fix several vulnerabilities
2004-12-30 16:50:22
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-03 06:15:24
openvas
openvas
Debian Security Advisory DSA 620-1 (perl)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-620-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-16-1)
2022-08-26 00:00:00
nessus
nessus
Debian DSA-620-1 : perl - insecure temporary files / directories
2005-01-02 00:00:00
Mandrake Linux Security Advisory : perl (MDKSA-2005:031)
2005-02-10 00:00:00
Ubuntu 4.10 : perl vulnerabilities (USN-16-1)
2006-01-15 00:00:00
ubuntu
ubuntu
perl vulnerabilities
2004-11-03 00:00:00
perl information leak
2004-12-21 00:00:00
gentoo
gentoo
Perl: Insecure temporary file creation
2004-12-07 00:00:00
Perl: rmtree and DBI tmpfile vulnerabilities
2005-01-26 00:00:00
ubuntucve
ubuntucve
CVE-2004-0976
2005-02-09 00:00:00
CVE-2004-0452
2004-12-21 00:00:00
CVE-2005-0448
2005-05-02 00:00:00
cve
cve
CVE-2004-0976
2005-02-09 05:00:00
CVE-2004-0452
2004-12-31 05:00:00
CVE-2005-0448
2005-05-02 04:00:00
nvd
nvd
CVE-2004-0976
2005-02-09 05:00:00
CVE-2004-0452
2004-12-21 05:00:00
CVE-2005-0448
2005-05-02 04:00:00
debiancve
debiancve
CVE-2004-0976
2005-02-09 05:00:00
CVE-2004-0452
2004-12-31 05:00:00
CVE-2005-0448
2005-05-02 04:00:00
cvelist
cvelist
CVE-2004-0976
2004-10-20 04:00:00
CVE-2004-0452
2004-12-31 05:00:00
CVE-2005-0448
2005-03-12 05:00:00
freebsd
freebsd
perl -- File::Path insecure file/directory permissions
2004-12-30 00:00:00
osv
osv
perl - privilege escalation
2008-12-03 00:00:00
centos
centos
perl security update
2005-12-20 23:33:21
redhat
redhat
(RHSA-2005:881) perl security update
2005-12-20 00:00:00
(RHSA-2005:103) perl security update
2005-02-15 00:00:00
(RHSA-2005:105) perl security update
2005-02-07 00:00:00
prion
prion
Design/Logic Flaw
2008-06-23 19:41:00
Race condition
2008-12-01 17:30:00
Race condition
2008-12-01 17:30:00
securityvulns
securityvulns
Perl symbolic links race conditions
2008-12-04 00:00:00
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
2008-12-04 00:00:00

0.0004 Low

EPSS

Percentile

10.1%

JSON
Related for OSV:DSA-620-1
debian3openvas23nessus14ubuntu2gentoo2ubuntucve6cve6nvd6debiancve6cvelist6freebsd1osv1centos1redhat3prion3securityvulns2