|
|
Family: Debian Local Security Checks --> Category: infos
[DSA696] DSA-696-1 perl Vulnerability Scan
Vulnerability Scan Summary
DSA-696-1 perl
Detailed Explanation for this Vulnerability Test
Paul Szabo discovered another vulnerability in the File::Path::rmtree
function of perl, the popular scripting language. When a process is
deleting a directory tree, a different user could exploit a race
condition to create setuid binaries in this directory tree, provided
that he already had write permissions in any subdirectory of that
tree.
For the stable distribution (woody) this problem has been fixed in
version 5.6.1-8.9.
For the unstable distribution (sid) this problem has been fixed in
version 5.8.4-8.
We recommend that you upgrade your perl packages.
Solution : http://www.debian.org/security/2005/dsa-696
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
