CPANSA-Safe-2002-1323: Safe vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2002-12-11T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
| Current release date | 2002-12-11T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | Severity | ||
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
Vulnerabilities
CVE-2002-1323
Vulnerability DescriptionSafe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
Product status
Known affected
| Product | Score | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Safe less than or equal 2.07 |
|
Fixed
- Safe greater than or equal 2.08
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Safe-2002-1323 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2002/cpansa-safe-2002-1323.json - http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5 external
http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5 - http://www.securityfocus.com/bid/6111 external
http://www.securityfocus.com/bid/6111 - http://www.debian.org/security/2002/dsa-208 external
http://www.debian.org/security/2002/dsa-208 - http://www.iss.net/security_center/static/10574.php external
http://www.iss.net/security_center/static/10574.php - http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744 external
http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744 - http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0061.html external
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0061.html - http://www.redhat.com/support/errata/RHSA-2003-256.html external
http://www.redhat.com/support/errata/RHSA-2003-256.html - http://www.redhat.com/support/errata/RHSA-2003-257.html external
http://www.redhat.com/support/errata/RHSA-2003-257.html - ftp://patches.sgi.com/support/free/security/advisories/20030606-01-A external
ftp://patches.sgi.com/support/free/security/advisories/20030606-01-A - ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-007.0.txt external
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-007.0.txt - ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.1/SCOSA-2004.1.txt external
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.1/SCOSA-2004.1.txt - http://www.osvdb.org/2183 external
http://www.osvdb.org/2183 - http://www.osvdb.org/3814 external
http://www.osvdb.org/3814 - http://marc.info/?l=bugtraq&m=104040175522502&w=2 external
http://marc.info/?l=bugtraq&m=104040175522502&w=2 - http://marc.info/?l=bugtraq&m=104033126305252&w=2 external
http://marc.info/?l=bugtraq&m=104033126305252&w=2 - http://marc.info/?l=bugtraq&m=104005919814869&w=2 external
http://marc.info/?l=bugtraq&m=104005919814869&w=2 - https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1160 external
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1160 - CVE-2002-1323 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2002-1323
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Wed Dec 11 00:00:00 2002 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/