Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2005-0155

Published: 02/05/2005 Updated: 07/11/2023
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 465
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Perl

Vulnerability Summary

The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.

Vulnerable Product Search on Vulmon Subscribe to Product

larry wall perl 5.8.0

Vendor Advisories

Ubuntu Security Notice: perl vulnerabilities
Two exploitable vulnerabilities involving setuid-enabled perl scripts have been discovered The package “perl-suid” provides a wrapper around perl which allows to use setuid-root perl scripts, ie user-callable Perl scripts which have full root privileges ...
Red Hat: perl security update
Synopsis perl security update Type/Severity Security Advisory: Important Topic Updated Perl packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Security Response Team Description ...
Red Hat: perl security update
Synopsis perl security update Type/Severity Security Advisory: Important Topic Updated Perl packages that fix several security issues are now availablefor Red Hat Enterprise Linux 3 Description Perl is a high-level programming language commonly used for systemadministration utilities and W ...

Exploits

Exploit DB: Setuid perl - 'PerlIO_Debug()' Root Owned File Creation Privilege Escalation
/* * Copyright Kevin Finisterre * * ** DISCLAIMER ** I am in no way responsible for your stupidity * ** DISCLAIMER ** I am in no way liable for any damages caused by compilation and or execution of this code * * ** WARNING ** DO NOT RUN THIS UNLESS YOU KNOW WHAT YOU ARE DOING *** * ** WARNING ** overwriting /etc/ldsopreload can severly ...

References

NVD-CWE-Otherhttp://www.gentoo.org/security/en/glsa/glsa-200502-13.xmlhttp://www.redhat.com/support/errata/RHSA-2005-103.htmlhttp://www.redhat.com/support/errata/RHSA-2005-105.htmlhttp://www.trustix.org/errata/2005/0003/http://www.securityfocus.com/bid/12426http://secunia.com/advisories/14120http://fedoranews.org/updates/FEDORA--.shtmlhttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056http://support.avaya.com/elmodocs2/security/ASA-2006-163.htmhttp://secunia.com/advisories/21646http://www.mandriva.com/security/advisories?name=MDKSA-2005:031http://marc.info/?l=bugtraq&m=110737149402683&w=2http://marc.info/?l=full-disclosure&m=110779723332339&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/19207https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10404http://www.digitalmunition.com/DMA%5B2005-0131a%5D.txthttps://usn.ubuntu.com/72-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/792/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook