USN-72-1 : perl vulnerabilities

NASLDB: USN-72-1 : perl vulnerabilities

General

ID: 20693
Name: USN-72-1 : perl vulnerabilities

Summary: Checks dpkg output for updated package(s)

Credits: –

Classification

Risk: –

CVSS: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS Base Vector: –
CVSS Temporal Vector: –

Port: 0
Family: Ubuntu Local Security Checks
Type: Local

Description

Two exploitable vulnerabilities involving setuid-enabled perl scripts
have been discovered. The package ‘perl-suid’ provides a wrapper
around perl which allows to use setuid-root perl scripts, i.e.
user-callable Perl scripts which have full root privileges.

Previous versions allowed users to overwrite arbitrary files by
setting the PERLIO_DEBUG environment variable and calling an
arbitrary setuid-root perl script. The file that PERLIO_DEBUG points
to was then overwritten by Perl debug messages. This did not allow
precise control over the file content, but could destroy important
data. PERLIO_DEBUG is now ignored for setuid scripts. (CVE-2005-0155)

In addition, calling a setuid-root perl script with a very long path
caused a buffer overflow if PERLIO_DEBUG was set. This buffer
overflow could be exploited to execute arbitrary files with full root
privileges. (CVE-2005-0156)