Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4217

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4217
Last Modified 23 Aug 2011 12:00:00
Published 14 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4217

Summary

Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges.

Vulnerable Systems

Operating System

  • Apple Mac Os X Server 10.3.9


References

CERT - TA06-062A

XF - macos-perl-bypass-security(23561)

VUPEN - ADV-2006-0791

VUPEN - ADV-2005-2869

BID - 16907

BID - 15833

OSVDB - 21800

SECUNIA - 19064

SECUNIA - 17922

APPLE - APPLE-SA-2006-03-01

CONFIRM - http://docs.info.apple.com/article.html?artnum=303382


Last Updated: 27 May 2016 10:41:12