Perl Safe Module 'reval()' And 'rdo()' Restriction-Bypass Vulnerabilities Network Vulnerability

Summary

The Perl Safe module is prone to multiple restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary Perl code outside of the restricted root. Versions prior to Safe 2.27 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes
http://search.cpan.org/~rgarcia/Safe-2.27/Safe.pm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1447
https://www.securityfocus.com/bid/40305

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-1447

CVSS	Base Score: 8.5 AV:N/AC:M/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities June-2012 (Windows)
Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)
Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
Adobe AIR Multiple Vulnerabilities -02 April 13 (Windows)
Adobe ExtendedScript Toolkit (ESTK) Insecure Library Loading Vulnerability (Win)

Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities

Take action and discover your vulnerabilities