|
|
Family: Debian Local Security Checks --> Category: infos
[DSA431] DSA-431-1 perl Vulnerability Scan
Vulnerability Scan Summary
DSA-431-1 perl
Detailed Explanation for this Vulnerability Test
Paul Szabo discovered a number of similar bugs in suidperl, a helper
program to run perl scripts with setuid rights. By exploiting
these bugs, a possible hacker could abuse suidperl to discover information
about files (such as testing for their existence and some of their
permissions) that should not be accessible to unprivileged users.
For the current stable distribution (woody) this problem has been
fixed in version 5.6.1-8.6.
For the unstable distribution (sid), this problem will be fixed soon. Refer
to Debian bug #220486.
We recommend that you update your perl package if you have the
"perl-suid" package installed.
Solution : http://www.debian.org/security/2004/dsa-431
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
