Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1742

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1742
Last Modified 05 Sep 2008 04:31:24
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1742

Summary

SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger.

Vulnerable Systems

Application

  • Paul Kulchenko Soap Lite 0.50

  • Paul Kulchenko Soap Lite 0.51

  • Paul Kulchenko Soap Lite 0.52


References

MISC - http://www.soaplite.com/

BID - 4493

MISC - http://use.perl.org/articles/02/04/09/000212.shtml?tid=5

XF - soap-perl-execute-functions(8838)

MISC - http://www.phrack.org/show.php?p=58&a=9

FREEBSD - FreeBSD-SN-02:02


Last Updated: 27 May 2016 10:37:28