Published: 27/06/2001 Updated: 19/12/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple buffer overflows in ePerl prior to 2.2.14-0.7 allow local and remote malicious users to execute arbitrary commands.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ralf s. engelschall eperl 2.2.12
ralf s. engelschall eperl 2.2.13
debian debian linux 2.2
mandrakesoft mandrake linux 7.1
mandrakesoft mandrake linux 7.2
suse suse linux 6.3
suse suse linux 6.4
suse suse linux 7.0
suse suse linux 7.1

Fumitoshi Ukai and Denis Barbier have found several potential buffer overflow bugs in our version of ePerl as distributed in all of our distributions When eperl is installed setuid root, it can switch to the UID/GID of the scripts owner Although Debian doesn't ship the program setuid root, this is a useful feature which people may have activated ...

NVD-CWE-Other http://www.debian.org/security/2001/dsa-034 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3 http://www.securityfocus.com/bid/2464 http://www.novell.com/linux/security/advisories/2001_008_eperl.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6198 https://nvd.nist.gov https://www.debian.org/security/./dsa-034

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-0458

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect