CPANSA-perl-2005-0156: perl vulnerability

Publisher	giterlizzi	Document category	csaf_security_advisory
Initial release date	2005-02-07T00:00:00	Engine	CSAF Perl Toolkit 0.25
Current release date	2005-02-07T00:00:00	Build Date
Current version	1	Status	final
CVSS v3.1 Base Score		Severity
Original language		Language	en
Also referred to

Vulnerability Description

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

Vulnerabilities

CVE-2005-0156

Vulnerability Description

Product status

Known affected

Product

Score

perl equal 5.8.0

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
2.0	AV:L/AC:L/Au:N/C:N/I:P/A:N	2.1	Low

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

CPANSA-perl-2005-0156 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2005/cpansa-perl-2005-0156.json
http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml external
http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml
http://www.redhat.com/support/errata/RHSA-2005-103.html external
http://www.redhat.com/support/errata/RHSA-2005-103.html
http://www.redhat.com/support/errata/RHSA-2005-105.html external
http://www.redhat.com/support/errata/RHSA-2005-105.html
http://www.trustix.org/errata/2005/0003/ external
http://www.trustix.org/errata/2005/0003/
http://www.securityfocus.com/bid/12426 external
http://www.securityfocus.com/bid/12426
http://secunia.com/advisories/14120 external
http://secunia.com/advisories/14120
http://fedoranews.org/updates/FEDORA--.shtml external
http://fedoranews.org/updates/FEDORA--.shtml
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056 external
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
http://www.mandriva.com/security/advisories?name=MDKSA-2005:031 external
http://www.mandriva.com/security/advisories?name=MDKSA-2005:031
http://secunia.com/advisories/55314 external
http://secunia.com/advisories/55314
http://marc.info/?l=bugtraq&m=110737149402683&w=2 external
http://marc.info/?l=bugtraq&m=110737149402683&w=2
http://marc.info/?l=full-disclosure&m=110779721503111&w=2 external
http://marc.info/?l=full-disclosure&m=110779721503111&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/19208 external
https://exchange.xforce.ibmcloud.com/vulnerabilities/19208
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803 external
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803
http://www.digitalmunition.com/DMA[2005-0131b].txt external
http://www.digitalmunition.com/DMA[2005-0131b].txt
CVE-2005-0156 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2005-0156

Revision history

Version	Date of the revision	Summary of the revision
1	Mon Feb 7 00:00:00 2005	First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/