Next Page >>
perl
---------------------------------------------------------------------------
* Perl : multiple functions null pointer dereference *
* uppon parameters injection *
---------------------------------------------------------------------------
--[ Vulnerability Summary:
==========================================================================
Ubuntu Security Notice USN-1129-1
May 03, 2011
perl vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Perl Safe module: Arbitrary Perl code injection
Date: November 20, 2011
Bugs: #325563
ID: 201111-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
===========================================================
Ubuntu Security Notice USN-700-2 January 15, 2009
perl regression
https://launchpad.net/bugs/315991
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01362465
Version: 1
HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-02-19
Last Updated: 2008-02-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Perl: Buffer overflow
Date: November 19, 2007
Bugs: #198196
ID: 200711-28
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
===========================================================
Ubuntu Security Notice USN-700-1 December 24, 2008
libarchive-tar-perl, perl vulnerabilities
CVE-2007-4829, CVE-2008-1927, CVE-2008-5302, CVE-2008-5303
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.10
Debian Security Advisory DSA-1556-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
April 24, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : perl
Vulnerability : heap buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id : CVE-2008-1927
Debian Bug : 454792
- Severity: 5/5
=============================================
I. VULNERABILITY
-------------------------
SmbClientParser perl module allows remote command execution.
II. BACKGROUND
-------------------------
SmbClientParser is a useful perl module to writing Netbios interactive
codes, is a wraper from linux smbclient command and can be downloaded
Mandriva Linux Security Advisory MDKSA-2007:207
http://www.mandriva.com/security/
_______________________________________________________________________
Package : perl
Date : November 5, 2007
Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
#! /usr/bin/perl
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Libra PHP File Manager <= 1.18 / Local File Inclusion Vulnerability
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Program: Libra PHP File Manager
# Version: <= 1.18
# File affected: fileadmin.php
# Download: http://file.sourceforge.net
===========================================================
Ubuntu Security Notice USN-794-1 July 02, 2009
libcompress-raw-zlib-perl, perl vulnerability
CVE-2009-1391
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
| $dbh->do($query) || $form->dberror($query);
The values for $form->{db} and $form->{id} are supplied by the user and are not filtered or
quoted before using them in the SQL query.
Perl's DBI module offers prepared statements with bound parameter queries (e.g.
"DELETE FROM ? WHERE id = ?"), which should be used — together with input filtering as a
defense in depth strategy — to prevent this kind of attack.
* Local File Include (CVE-2009-3583)
CVE ID : CVE-2009-0667
It was discovered that the ocsinventory-agent which is part of the
ocsinventory suite, a hardware and software configuration indexing service,
is prone to an insecure perl module search path. As the agent is started
via cron and the current directory (/ in this case) is included in the
default perl module path the agent scans every directory on the system
for its perl modules. This enables an attacker to execute arbitrary code
via a crafted ocsinventory-agent perl module placed on the system.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Perl: Execution of arbitrary code
Date: May 20, 2008
Bugs: #219203
ID: 200805-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2008-0013
Synopsis: Updated ESX packages for OpenSSL, net-snmp, perl
Issue date: 2008-08-12
Updated on: 2008-08-12 (initial release of advisory)
CVE numbers: CVE-2007-3108, CVE-2007-5135, CVE-2008-2292,
CVE-2008-0960, CVE-2008-1927
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1556-2 security@debian.org
http://www.debian.org/security/ Florian Weimer
April 27, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : perl
Vulnerability : heap buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id : CVE-2008-1927
Debian Bug : 454792
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Perl: Execution of arbitrary code
Date: May 20, 2008
Bugs: #219203
ID: 200805-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Debian Security Advisory DSA-1678-2 security@debian.org
http://www.debian.org/security/ Florian Weimer
December 21, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : perl
Vulnerability : design flaws
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-5302 CVE-2008-5303
Debian Bug : 286905 286922 479317
access to the Calendar. Any of the pages in pPIM can be accessed this way.
Arbitrary File Upload
pPIM's upload.php script allows attackers to upload arbitrary scripts of
any type to the target server. To do this using Perl simply create the
file and upload it using Perl:
$ echo "<?php echo phpinfo();?>" > phpinfo.php
The execute the following Perl script:
#!/usr/bin/perl
#-----------------------------------------------------------------------------
# User options changer (SQLi) EXPLOIT --Bigace CMS -stable release- 2.5-->
#-----------------------------------------------------------------------------
#
#CMS INFORMATION:
#
#-->WEB: http://www.bigace.de/
#-->DOWNLOAD: http://downloads.sourceforge.net/bigace/
#-->DEMO: http://www.bigace.de/demo.html
CVE-2010-1321 CVE-2010-1168 CVE-2010-1447
- ------------------------------------------------------------------------
1. Summary
ESX 3.5 Console OS (COS) updates for COS packages perl, krb5, samba,
tar, and cpio.
2. Relevant releases
VMware ESX 3.5 without patches ESX350-201008405-SG,
CVE-2010-1321 CVE-2010-1168 CVE-2010-1447
- ------------------------------------------------------------------------
1. Summary
ESX 3.5 Console OS (COS) updates for COS packages perl, krb5, samba,
tar, and cpio.
2. Relevant releases
VMware ESX 3.5 without patches ESX350-201008405-SG,
Debian Security Advisory DSA-2267-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 01, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : perl
Vulnerability : restriction bypass
Problem type : local
Debian-specific: no
CVE ID : CVE-2010-1447
Debian Bug : 631529
After release of vendor supplied patch for JCE's vulnerabilities,
AmnPardaz is going to submit related POC for this issue in Perl and
PHP after one month for educational purposes.
PHP Version:
<?php
######################################### www.bugreport.ir
########################################
#
# AmnPardaz Security Research & Penetration Testing Group
Mandriva Linux Security Advisory MDVSA-2012:008
http://www.mandriva.com/security/
_______________________________________________________________________
Package : perl
Date : January 18, 2012
Affected: 2010.1, 2011.
_______________________________________________________________________
Problem Description:
Debian-specific: yes
CVE Id(s) : CVE-2009-2946
Raphael Geissert discovered that uscan, a program to check for
availability of new source code versions which is part of the
devscripts package, runs Perl code downloaded from potentially
untrusted sources to implement its URL and version mangling
functionality. This update addresses this issue by reimplementing the
relevant Perl operators without relying on the Perl interpreter,
trying to preserve backwards compatibility as much as possible.
PoC files
This proof of concept uses three files to work:
* 'PoC.pl': a PERL script which will set the cookies and shot the SMB
requests.
* 'snifSMB.pl': this script must be running in the example server. It
will be listening for SMB requests, and when they occur, it will create
a set of redirectToCookie files, attempting to cover all possibilities.
(gdb) x/x $edx
0x8048000: Cannot access memory at address 0x8048000
(gdb)
- ---
the same result we can get with perl(1)
PoC perl:
- ---
#!/usr/local/bin/perl
printf "%.512f", 1;
CVE-2009-3583 refers to a security vulnerability in SQL-Ledger (and
presumably some offshoots, including early versions of LedgerSMB)
whereby one can include arbitrary Perl code.
All versions of SQL-Ledger 2.x are presumed vulnerable. At least my
experience with SQL-Ledger suggests that the relevant code has not
changed significantly since at least 2.2.0.
All versions of LedgerSMB lower than 1.2.0 are vulnerable. 1.2.0 is
the first version that is not vulnerable.
Next Page>>
|
