Vulnerabilities > CVE-2011-2728 - Unspecified vulnerability in Perl

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

perl

nessus

NVD

Published: 2012-12-21

Updated: 2024-11-21

Summary

The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.

Vulnerable Configurations

Part	Description	Count
Application	Perl Perl Perl 2.10.0 Perl Perl 2.10.3 Perl Perl 5.8.0 Perl Perl 2.6.4 Perl Perl 5.6.0 Perl Perl 2.3.0 Perl Perl 2.11.3 Perl Perl 2.15.0 Perl Perl 2.17.1 Perl Perl 5.8.4 Perl Perl 1.44 Perl Perl 2.8.7 Perl Perl 5.12.0 Perl Perl 5.13.10 Perl Perl 2.11.6 Perl Perl 2.7.2 Perl Perl 2.11.0 Perl Perl 5.8.1 Perl Perl 2.11.1 Perl Perl 5.8.9 Perl Perl 1.42 Perl Perl 2.4.0 Perl Perl 2.8.5 Perl Perl 2.10.7 Perl Perl 2.11.2 Perl Perl 2.16.1 Perl Perl 2.6.2 Perl Perl 5.6.1 Perl Perl 2.18.1 Perl Perl 5.12.1 Perl Perl 5.13.8 Perl Perl 5.11.2 Perl Perl 5.13.0 Perl Perl 1.20 Perl Perl 2.10.6 Perl Perl 1.21 Perl Perl 5.14.0 Perl Perl 5.12.3 Perl Perl 5.13.5 Perl Perl 5.13.3 Perl Perl 5.9.2 Perl Perl 2.17.0 Perl Perl 1.01 Perl Perl 5.13.6 Perl Perl 2.1.0 Perl Perl 1.41 Perl Perl 1.47 Perl Perl 2.11.5 Perl Perl 5.10.0 Perl Perl 2.11.4 Perl Perl 5.13.11 Perl Perl 1.22 Perl Perl 2.2.1 Perl Perl 2.5.0 Perl Perl 5.8.2 Perl Perl 5.8.10 Perl Perl 2.2.2 Perl Perl 5.11.1 Perl Perl 5.8.5 Perl Perl 5.13.7 Perl Perl 2.7.1 Perl Perl 2.10.1 Perl Perl 5.10 Perl Perl 5.13.1 Perl Perl 5.10.1 Perl Perl 2.1.3 Perl Perl 2.7.0 Perl Perl 2.11.7 Perl Perl 2.8.1 Perl Perl 2.13.0 Perl Perl 1.45 Perl Perl 2.8.6 Perl Perl 5.11.5 Perl Perl 2.6.3 Perl Perl 2.6.6 Perl Perl 2.6.1 Perl Perl - Perl Perl 0.1 Perl Perl 0.2 Perl Perl 0.3 Perl Perl 0.4 Perl Perl 0.5 Perl Perl 0.52 Perl Perl 0.61 Perl Perl 0.62 Perl Perl 0.63 Perl Perl 0.64 Perl Perl 0.65 Perl Perl 0.66 Perl Perl 0.67 Perl Perl 0.68 Perl Perl 0.69 Perl Perl 0.70 Perl Perl 0.71 Perl Perl 0.72 Perl Perl 0.73 Perl Perl 0.80 Perl Perl 0.81 Perl Perl 0.82 Perl Perl 0.83 Perl Perl 0.84 Perl Perl 0.85 Perl Perl 0.86 Perl Perl 0.87 Perl Perl 0.88 Perl Perl 0.89 Perl Perl 0.90 Perl Perl 0.91 Perl Perl 0.92 Perl Perl 0.93 Perl Perl 0.94 Perl Perl 0.95 Perl Perl 0.96 Perl Perl 0.97 Perl Perl 0.98 Perl Perl 0.99 Perl Perl 1.00 Perl Perl 1.0.15 Perl Perl 1.0.16 Perl Perl 1.31 Perl Perl 1.32 Perl Perl 1.40 Perl Perl 1.43 Perl Perl 1.46 Perl Perl 1.48 Perl Perl 1.49 Perl Perl 2.0.0 Perl Perl 2.1.1 Perl Perl 2.1.2 Perl Perl 2.2.0 Perl Perl 2.5.1 Perl Perl 2.6.0 Perl Perl 2.6.5 Perl Perl 2.8.0 Perl Perl 2.8.2 Perl Perl 2.8.3 Perl Perl 2.8.4 Perl Perl 2.8.8 Perl Perl 2.9.0 Perl Perl 2.9.1 Perl Perl 2.9.2 Perl Perl 2.10.2 Perl Perl 2.10.4 Perl Perl 2.10.5 Perl Perl 2.11.8 Perl Perl 2.12.0 Perl Perl 2.14.0 Perl Perl 2.14.1 Perl Perl 2.15.1 Perl Perl 2.16.0 Perl Perl 2.17.2 Perl Perl 2.18.0 Perl Perl 5.000 Perl Perl 5.000O Perl Perl 5.001 Perl Perl 5.001N Perl Perl 5.002 Perl Perl 5.002_01 Perl Perl 5.003 Perl Perl 5.003_01 Perl Perl 5.003_02 Perl Perl 5.003_03 Perl Perl 5.003_04 Perl Perl 5.003_05 Perl Perl 5.003_07 Perl Perl 5.003_08 Perl Perl 5.003_09 Perl Perl 5.003_10 Perl Perl 5.003_11 Perl Perl 5.003_12 Perl Perl 5.003_13 Perl Perl 5.003_14 Perl Perl 5.003_15 Perl Perl 5.003_16 Perl Perl 5.003_17 Perl Perl 5.003_18 Perl Perl 5.003_19 Perl Perl 5.003_20 Perl Perl 5.003_21 Perl Perl 5.003_22 Perl Perl 5.003_23 Perl Perl 5.003_24 Perl Perl 5.003_25 Perl Perl 5.003_26 Perl Perl 5.003_27 Perl Perl 5.003_28 Perl Perl 5.003_90 Perl Perl 5.003_91 Perl Perl 5.003_92 Perl Perl 5.003_93 Perl Perl 5.003_94 Perl Perl 5.003_95 Perl Perl 5.003_96 Perl Perl 5.003_97 Perl Perl 5.003_97A Perl Perl 5.003_97B Perl Perl 5.003_97C Perl Perl 5.003_97D Perl Perl 5.003_97E Perl Perl 5.003_97F Perl Perl 5.003_97G Perl Perl 5.003_97H Perl Perl 5.003_97I Perl Perl 5.003_97J Perl Perl 5.003_98 Perl Perl 5.003_99 Perl Perl 5.003_99A Perl Perl 5.004 Perl Perl 5.004_01 Perl Perl 5.004_02 Perl Perl 5.004_03 Perl Perl 5.004_04 Perl Perl 5.004_05 Perl Perl 5.005 Perl Perl 5.005_01 Perl Perl 5.005_02 Perl Perl 5.005_03 Perl Perl 5.005_04 Perl Perl 5.6 Perl Perl 5.6.2 Perl Perl 5.7.3 Perl Perl 5.8 Perl Perl 5.8.3 Perl Perl 5.8.6 Perl Perl 5.8.7 Perl Perl 5.8.8 Perl Perl 5.9.0 Perl Perl 5.9.1 Perl Perl 5.9.3 Perl Perl 5.9.4 Perl Perl 5.9.5 Perl Perl 5.11.0 Perl Perl 5.11.3 Perl Perl 5.11.4 Perl Perl 5.12.2 Perl Perl 5.12.4 Perl Perl 5.12.5 Perl Perl 5.13.2 Perl Perl 5.13.4 Perl Perl 5.13.9 Perl Perl 5.14.1	267

Nessus

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201401-11.NASL
description	The remote host is affected by the vulnerability described in GLSA-201401-11 (Perl, Locale Maketext Perl module: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	72033
published	2014-01-20
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/72033
title	GLSA-201401-11 : Perl, Locale Maketext Perl module: Multiple vulnerabilities
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201401-11. # # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(72033); script_version("1.9"); script_cvs_date("Date: 2019/08/12 17:35:38"); script_cve_id("CVE-2011-2728", "CVE-2011-2939", "CVE-2012-5195", "CVE-2013-1667"); script_bugtraq_id(49858, 56287, 58311); script_xref(name:"GLSA", value:"201401-11"); script_name(english:"GLSA-201401-11 : Perl, Locale Maketext Perl module: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201401-11 (Perl, Locale Maketext Perl module: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201401-11" ); script_set_attribute( attribute:"solution", value: "All Perl users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.16.3' All Locale::Maketext users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=perl-core/locale-maketext-1.230.0'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:locale-maketext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/13"); script_set_attribute(attribute:"patch_publication_date", value:"2014/01/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-lang/perl", unaffected:make_list("ge 5.16.3"), vulnerable:make_list("lt 5.16.3"))) flag++; if (qpkg_check(package:"perl-core/locale-maketext", unaffected:make_list("ge 1.230.0"), vulnerable:make_list("lt 1.230.0"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Perl / Locale Maketext Perl module"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_PERL-130301.NASL
description	This update of Perl 5 fixes the following security issues : - fix rehash DoS [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - fix glob denial of service [bnc#796014] [CVE-2011-2728] - sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329]
last seen	2020-06-05
modified	2013-03-13
plugin id	65247
published	2013-03-13
reporter	This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/65247
title	SuSE 11.2 Security Update : Perl (SAT Patch Number 7439)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(65247); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2011-2728", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667"); script_name(english:"SuSE 11.2 Security Update : Perl (SAT Patch Number 7439)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update of Perl 5 fixes the following security issues : - fix rehash DoS [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - fix glob denial of service [bnc#796014] [CVE-2011-2728] - sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329]" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=789994" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=796014" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=797060" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=804415" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2728.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-5526.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-6329.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-1667.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7439."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"d2_elliot_name", value:"TWiki 5.1.2 RCE"); script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-doc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2013/03/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) \|\| int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2"); flag = 0; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-base-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-doc-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-base-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-doc-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"perl-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"perl-base-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"perl-doc-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Solaris Local Security Checks
NASL id	SOLARIS11_PERL-58_20131017.NASL
description	The remote Solaris system is missing necessary patches to address security updates : - The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference. (CVE-2011-2728)
last seen	2020-06-01
modified	2020-06-02
plugin id	80732
published	2015-01-19
reporter	This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/80732
title	Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the Oracle Third Party software advisories. # include("compat.inc"); if (description) { script_id(80732); script_version("1.2"); script_cvs_date("Date: 2018/11/15 20:50:24"); script_cve_id("CVE-2011-2728"); script_name(english:"Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)"); script_summary(english:"Check for the 'entire' version."); script_set_attribute( attribute:"synopsis", value: "The remote Solaris system is missing a security patch for third-party software." ); script_set_attribute( attribute:"description", value: "The remote Solaris system is missing necessary patches to address security updates : - The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference. (CVE-2011-2728)" ); # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?4a913f44" ); script_set_attribute( attribute:"see_also", value:"https://blogs.oracle.com/sunsecurity/cve-2011-2728-denial-of-service-vulnerability-in-perl" ); script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11/11 SRU 3."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:perl-58"); script_set_attribute(attribute:"patch_publication_date", value:"2013/10/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Solaris11/release"); if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11"); pkg_list = solaris_pkg_list_leaves(); if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages"); if (empty_or_null(egrep(string:pkg_list, pattern:"^perl-58$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-58"); flag = 0; if (solaris_check_release(release:"0.5.11-0.175.0.3.0.4.0", sru:"SRU 3") > 0) flag++; if (flag) { error_extra = 'Affected package : perl-58\n' + solaris_get_report2(); error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra); if (report_verbosity > 0) security_warning(port:0, extra:error_extra); else security_warning(0); exit(0); } else audit(AUDIT_PACKAGE_NOT_AFFECTED, "perl-58");

NASL family	SuSE Local Security Checks
NASL id	SUSE_PERL-8479.NASL
description	This update of Perl 5 fixes the following security issues : - fix rehash DoS [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - fix glob denial of service [bnc#796014] [CVE-2011-2728] - sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329] - make getgrent work with long group entries [bnc#788388]
last seen	2020-06-05
modified	2013-03-13
plugin id	65249
published	2013-03-13
reporter	This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/65249
title	SuSE 10 Security Update : Perl (ZYPP Patch Number 8479)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(65249); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2011-2728", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667"); script_name(english:"SuSE 10 Security Update : Perl (ZYPP Patch Number 8479)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of Perl 5 fixes the following security issues : - fix rehash DoS [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - fix glob denial of service [bnc#796014] [CVE-2011-2728] - sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329] - make getgrent work with long group entries [bnc#788388]" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2728.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-5526.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-6329.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-1667.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8479."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"d2_elliot_name", value:"TWiki 5.1.2 RCE"); script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2013/03/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:4, reference:"perl-5.8.8-14.21.3")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"perl-32bit-5.8.8-14.21.3")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"perl-5.8.8-14.21.3")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"perl-32bit-5.8.8-14.21.3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 49858 CVE ID: CVE-2011-2728,CVE-2011-2939 Perl是一种高级、通用、直译式、动态的程序语言。 Perl的"decode_xs()"和"File::Glob::bsd_glob()"函数在实现上存在远程代码执行漏洞，远程攻击者可利用此漏洞执行任意代码。 1）在处理GLOB_ALTDIRFUNC旗标时，"File::Glob::bsd_glob()"函数中存在的错误可被利用造成非法访问和执行任意代码。 2）Encode中的"decode_xs()"函数中的错误可通过特制输入造成堆缓冲区溢出。 Perl 5.14.1 厂商补丁： Perl ---- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.perl.com
id	SSV:20964
last seen	2017-11-19
modified	2011-09-30
published	2011-09-30
reporter	Root
title	Perl "decode_xs()"和"File::Glob::bsd_glob()"远程代码执行漏洞

Summary

Vulnerable Configurations

Nessus

Seebug

References