Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1323

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2002-1323
Last Modified 05 Sep 2008 04:30:18
Published 11 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1323

Summary

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 2.1

  • Redhat Linux Advanced Workstation 2.1

  • Sco Open Unix 8.0

  • Sco Unixware 7.1.2

  • Sco Unixware 7.1.3

  • Sgi Irix 6.5

  • Sgi Irix 6.5.1

  • Sgi Irix 6.5.10

  • Sgi Irix 6.5.11

  • Sgi Irix 6.5.12

  • Sgi Irix 6.5.13

  • Sgi Irix 6.5.14

  • Sgi Irix 6.5.15

  • Sgi Irix 6.5.16

  • Sgi Irix 6.5.17

  • Sgi Irix 6.5.17f

  • Sgi Irix 6.5.17m

  • Sgi Irix 6.5.18

  • Sgi Irix 6.5.18f

  • Sgi Irix 6.5.18m

  • Sgi Irix 6.5.19

  • Sgi Irix 6.5.19f

  • Sgi Irix 6.5.19m

  • Sgi Irix 6.5.2

  • Sgi Irix 6.5.20f

  • Sgi Irix 6.5.20m

  • Sgi Irix 6.5.21f

  • Sgi Irix 6.5.21m

  • Sgi Irix 6.5.22

  • Sgi Irix 6.5.3

  • Sgi Irix 6.5.4

  • Sgi Irix 6.5.5

  • Sgi Irix 6.5.6

  • Sgi Irix 6.5.7

  • Sgi Irix 6.5.8

  • Sgi Irix 6.5.9

  • Sun Solaris 8.0

  • Sun Solaris 9.0

Application

  • Safe.pm 2.0 6

  • Safe.pm 2.0 7

  • Sun Linux 5.0.7


References

BID - 6111

DEBIAN - DSA-208

CONFIRM - http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5

XF - safe-pm-bypass-restrictions(10574)

BUGTRAQ - 20021219 TSLSA-2002-0087 - perl

CONFIRM - http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744

REDHAT - RHSA-2003:257

REDHAT - RHSA-2003:256

OSVDB - 3814

OSVDB - 2183

BUGTRAQ - 20021220 GLSA: perl

BUGTRAQ - 20021216 [OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl)

VULNWATCH - 20021105 Perl Safe.pm compartment reuse vuln

SGI - 20030606-01-A

SCO - SCOSA-2004.1

CALDERA - CSSA-2004-007.0


Last Updated: 27 May 2016 10:37:16