Family: Debian Local Security Checks --> Category: infos
[DSA620] DSA-620-1 perl Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Several vulnerabilities have been discovered in Perl, the popular
scripting language. The Common Vulnerabilities and Exposures project
identifies the following problems:
Jeroen van Wolffelaar discovered that the rmtree() function in the
File::Path module removes directory trees in an insecure manner
which could lead to the removal of arbitrary files and directories
through a symlink attack.
Trustix developers discovered several insecure uses of temporary
files in many modules which allow a local attacker to overwrite
files via a symlink attack.
For the stable distribution (woody) these problems have been fixed in
For the unstable distribution (sid) these problems have been fixed in
We recommend that you upgrade your perl packages.
Solution : http://www.debian.org/security/2004/dsa-620
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.