Vulnerabilities > CVE-2011-0761 - NULL Pointer Dereference Denial Of Service vulnerability in Perl 5.10.0/5.10.1

CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
perl
nessus
exploit available

Summary

Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

Vulnerable Configurations

Part Description Count
Application
Perl
6

Exploit-Db

description: Perl 5.10 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities. CVE-2011-0761. Dos exploits for multiple platform
id: EDB-ID:35725
last seen: 2016-02-04
modified: 2011-05-03
published: 2011-05-03
reporter: Jonathan Brossard
source: https://www.exploit-db.com/download/35725/
title: Perl 5.10 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities

Nessus

NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-201311-17.NASL
description: The remote host is affected by the vulnerability described in GLSA-201311-17 (Perl: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact : A local attacker could cause a Denial of Service condition or perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. A context-dependent attacker could cause a Denial of Service condition. Workaround : There is no known workaround at this time.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 71119
published: 2013-11-29
reporter: This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/71119
title: GLSA-201311-17 : Perl: Multiple vulnerabilities
code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201311-17.
#
# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

# Metadata registration. When `description` is set, this block only declares
# the plugin's identity, references and requirements, then exits (exit(0)
# below) without running the package check further down.
if (description)
{
  script_id(71119);
  script_version("1.8");
  script_cvs_date("Date: 2018/07/12 19:01:15");

  # One advisory, five CVEs: a finding from this plugin means the installed
  # Perl package is older than the fixed version, not that any single CVE
  # (e.g. CVE-2011-0761) was individually confirmed.
  script_cve_id("CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1158", "CVE-2011-0761", "CVE-2011-1487");
  script_bugtraq_id(12767, 47124, 47766);
  script_xref(name:"GLSA", value:"201311-17");

  script_name(english:"GLSA-201311-17 : Perl: Multiple vulnerabilities");
  # The summary states the detection method: a look at the package database,
  # not a behavioural test of the interpreter.
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201311-17
(Perl: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Perl. Please review the
      CVE identifiers referenced below for details.
  
Impact :

    A local attacker could cause a Denial of Service condition or perform
      symlink attacks to overwrite arbitrary files with the privileges of the
      user running the application. A context-dependent attacker could cause a
      Denial of Service condition.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201311-17"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Perl users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.12.3-r1'"
  );
  # CVSS v2 base vector for the advisory as a whole: local access, medium
  # complexity, complete C/I/A impact.
  # NOTE(review): presumably taken from the most severe bundled CVE; it is
  # not the score of CVE-2011-0761 alone, which is described as a NULL
  # pointer dereference denial of service. Do not reuse this vector when
  # prioritising an individual CVE from the list.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  # Temporal vector: proof-of-concept exploit code, official fix available,
  # report confirmed.
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  # NOTE(review): CWE-362 is the race-condition class and presumably belongs
  # to another CVE in this advisory; CVE-2011-0761 is classified as CWE-476
  # (NULL pointer dereference). A single CWE id cannot describe all five.
  script_cwe_id(362);

  # "local" plugin type: results come from data gathered on the host itself.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/29");
  script_end_attributes();

  # ACT_GATHER_INFO: registered as an information-gathering check.
  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  # The check needs local checks enabled plus a Gentoo release string and
  # package list in the knowledge base (presumably populated by
  # ssh_get_info.nasl during a credentialed scan - confirm). Without them
  # the host is not assessed, so absence of a finding is not proof that
  # Perl is patched.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

# Preconditions for the package check. Each missing knowledge-base item is
# handed to audit() with the matching reason code, so a scan without local
# (credentialed) data on a Gentoo host records why the check could not run
# rather than implying the host is unaffected.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}
if (!get_kb_item("Host/Gentoo/release"))
{
  audit(AUDIT_OS_NOT, "Gentoo");
}
if (!get_kb_item("Host/Gentoo/qpkg-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}


# Version-only detection: dev-lang/perl is flagged when its version is lower
# than 5.12.3-r1. Nothing here exercises the affected Perl functions, so the
# result reflects the package version only (a locally patched or backported
# build would still be judged by its version string).
flag = 0;

if (qpkg_check(package:"dev-lang/perl", unaffected:make_list("ge 5.12.3-r1"), vulnerable:make_list("lt 5.12.3-r1")))
{
  flag++;
}

if (!flag)
{
  # Nothing flagged: distinguish "installed and not affected" from
  # "Perl package not found" in the audit trail.
  tested = qpkg_tests_get();
  if (tested)
  {
    audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  }
  else
  {
    audit(AUDIT_PACKAGE_NOT_INSTALLED, "Perl");
  }
}
else
{
  # Flagged: raise a warning-level finding, attaching the package report
  # when the scan's verbosity setting asks for detail.
  if (report_verbosity > 0)
  {
    security_warning(port:0, extra:qpkg_report_get());
  }
  else
  {
    security_warning(0);
  }
  exit(0);
}