Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4278

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-4278
Last Modified 23 Oct 2013 09:56:09
Published 16 Dec 2005 06:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4278

Summary

Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.

Vulnerable Systems

Application

  • Larry Wall Perl 5.3

  • Larry Wall Perl 5.4

  • Larry Wall Perl 5.4.5

  • Larry Wall Perl 5.5

  • Larry Wall Perl 5.5.3

  • Larry Wall Perl 5.6.1

  • Larry Wall Perl 5.8.0

  • Larry Wall Perl 5.8.1

  • Larry Wall Perl 5.8.3

  • Larry Wall Perl 5.8.4

  • Larry Wall Perl 5.8.4.1

  • Larry Wall Perl 5.8.4.2

  • Larry Wall Perl 5.8.4.2.3

  • Larry Wall Perl 5.8.4.3

  • Larry Wall Perl 5.8.4.4

  • Larry Wall Perl 5.8.4.5

  • Larry Wall Perl 5.8.6


References

BID - 15120

GENTOO - GLSA-200510-14

VUPEN - ADV-2005-2119

OSVDB - 20086

SECUNIA - 17232

SECUNIA - 55314


Last Updated: 27 May 2016 11:03:10