Perl Safe Module 'reval()' And 'rdo()' Restriction-Bypass Vulnerabilities Network Vulnerability

Summary

The Perl Safe module is prone to multiple restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary Perl code outside of the restricted root. Versions prior to Safe 2.25 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html
http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes
http://search.cpan.org/~rgarcia/Safe-2.27/Safe.pm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1168
https://www.securityfocus.com/bid/40302

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-1168

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Flash Media Server Multiple Remote Security Vulnerabilities
Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)

Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities

Take action and discover your vulnerabilities