Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2856

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-2856
Last Modified 07 Mar 2011 09:37:08
Published 06 Jun 2006 04:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2856

Summary

ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib directory with "Users" group permissions for changing files, which allows local users to gain privileges by creating a malicious sitecustomize.pl file in that directory. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Activestate Activeperl 5.8.8.817


References

VUPEN - ADV-2006-2140

BID - 18269

OSVDB - 25974

SECUNIA - 20328

XF - activeperl-sitecustomize-code-execution(26915)


Last Updated: 27 May 2016 10:42:47