Vulnerabilities > CVE-2011-2728 - Unspecified vulnerability in Perl

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
perl
nessus

Summary

The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.

Vulnerable Configurations

Part Description Count
Application
Perl
267

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201401-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201401-11 (Perl, Locale Maketext Perl module: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id72033
    published2014-01-20
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72033
    titleGLSA-201401-11 : Perl, Locale Maketext Perl module: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201401-11.
    #
    # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(72033);
      script_version("1.9");
      script_cvs_date("Date: 2019/08/12 17:35:38");
    
      script_cve_id("CVE-2011-2728", "CVE-2011-2939", "CVE-2012-5195", "CVE-2013-1667");
      script_bugtraq_id(49858, 56287, 58311);
      script_xref(name:"GLSA", value:"201401-11");
    
      script_name(english:"GLSA-201401-11 : Perl, Locale Maketext Perl module: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201401-11
    (Perl, Locale Maketext Perl module: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in Perl and
          Locale::Maketext Perl module. Please review the CVE identifiers
          referenced below for details.
      
    Impact :
    
        A context-dependent attacker could possibly execute arbitrary code with
          the privileges of the process or cause a Denial of Service condition.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201401-11"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Perl users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.16.3'
        All Locale::Maketext users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose
          '>=perl-core/locale-maketext-1.230.0'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:locale-maketext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2014/01/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-lang/perl", unaffected:make_list("ge 5.16.3"), vulnerable:make_list("lt 5.16.3"))) flag++;
    if (qpkg_check(package:"perl-core/locale-maketext", unaffected:make_list("ge 1.230.0"), vulnerable:make_list("lt 1.230.0"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Perl / Locale Maketext Perl module");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_PERL-130301.NASL
    descriptionThis update of Perl 5 fixes the following security issues : - fix rehash DoS [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - fix glob denial of service [bnc#796014] [CVE-2011-2728] - sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329]
    last seen2020-06-05
    modified2013-03-13
    plugin id65247
    published2013-03-13
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/65247
    titleSuSE 11.2 Security Update : Perl (SAT Patch Number 7439)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(65247);
      script_version("1.9");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2011-2728", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");
    
      script_name(english:"SuSE 11.2 Security Update : Perl (SAT Patch Number 7439)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of Perl 5 fixes the following security issues :
    
      - fix rehash DoS [bnc#804415] [CVE-2013-1667]
    
      - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]
    
      - fix glob denial of service [bnc#796014] [CVE-2011-2728]
    
      - sanitize input in Maketext.pm [bnc#797060]
        [CVE-2012-6329]"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=789994"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=796014"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=797060"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=804415"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2728.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5526.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-6329.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-1667.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7439.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"d2_elliot_name", value:"TWiki 5.1.2 RCE");
      script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-doc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/03/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-base-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-doc-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-base-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-doc-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"perl-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"perl-base-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"perl-doc-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_PERL-58_20131017.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference. (CVE-2011-2728)
    last seen2020-06-01
    modified2020-06-02
    plugin id80732
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80732
    titleOracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from the Oracle Third Party software advisories.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(80732);
      script_version("1.2");
      script_cvs_date("Date: 2018/11/15 20:50:24");
    
      script_cve_id("CVE-2011-2728");
    
      script_name(english:"Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)");
      script_summary(english:"Check for the 'entire' version.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Solaris system is missing a security patch for third-party
    software."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote Solaris system is missing necessary patches to address
    security updates :
    
      - The bsd_glob function in the File::Glob module for Perl
        before 5.14.2 allows context-dependent attackers to
        cause a denial of service (crash) via a glob expression
        with the GLOB_ALTDIRFUNC flag, which triggers an
        uninitialized pointer dereference. (CVE-2011-2728)"
      );
      # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?4a913f44"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://blogs.oracle.com/sunsecurity/cve-2011-2728-denial-of-service-vulnerability-in-perl"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11/11 SRU 3.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:perl-58");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/10/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Solaris11/release");
    if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
    pkg_list = solaris_pkg_list_leaves();
    if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");
    
    if (empty_or_null(egrep(string:pkg_list, pattern:"^perl-58$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-58");
    
    flag = 0;
    
    if (solaris_check_release(release:"0.5.11-0.175.0.3.0.4.0", sru:"SRU 3") > 0) flag++;
    
    if (flag)
    {
      error_extra = 'Affected package : perl-58\n' + solaris_get_report2();
      error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
      if (report_verbosity > 0) security_warning(port:0, extra:error_extra);
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_PACKAGE_NOT_AFFECTED, "perl-58");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_PERL-8479.NASL
    descriptionThis update of Perl 5 fixes the following security issues : - fix rehash DoS [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - fix glob denial of service [bnc#796014] [CVE-2011-2728] - sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329] - make getgrent work with long group entries [bnc#788388]
    last seen2020-06-05
    modified2013-03-13
    plugin id65249
    published2013-03-13
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/65249
    titleSuSE 10 Security Update : Perl (ZYPP Patch Number 8479)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(65249);
      script_version("1.8");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2011-2728", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");
    
      script_name(english:"SuSE 10 Security Update : Perl (ZYPP Patch Number 8479)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of Perl 5 fixes the following security issues :
    
      - fix rehash DoS [bnc#804415] [CVE-2013-1667]
    
      - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]
    
      - fix glob denial of service [bnc#796014] [CVE-2011-2728]
    
      - sanitize input in Maketext.pm [bnc#797060]
        [CVE-2012-6329]
    
      - make getgrent work with long group entries [bnc#788388]"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2728.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5526.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-6329.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-1667.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8479.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"d2_elliot_name", value:"TWiki 5.1.2 RCE");
      script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/03/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:4, reference:"perl-5.8.8-14.21.3")) flag++;
    if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"perl-32bit-5.8.8-14.21.3")) flag++;
    if (rpm_check(release:"SLES10", sp:4, reference:"perl-5.8.8-14.21.3")) flag++;
    if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"perl-32bit-5.8.8-14.21.3")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 49858 CVE ID: CVE-2011-2728,CVE-2011-2939 Perl是一种高级、通用、直译式、动态的程序语言。 Perl的&quot;decode_xs()&quot;和&quot;File::Glob::bsd_glob()&quot;函数在实现上存在远程代码执行漏洞,远程攻击者可利用此漏洞执行任意代码。 1)在处理GLOB_ALTDIRFUNC旗标时,&quot;File::Glob::bsd_glob()&quot;函数中存在的错误可被利用造成非法访问和执行任意代码。 2)Encode中的&quot;decode_xs()&quot;函数中的错误可通过特制输入造成堆缓冲区溢出。 Perl 5.14.1 厂商补丁: Perl ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.perl.com
idSSV:20964
last seen2017-11-19
modified2011-09-30
published2011-09-30
reporterRoot
titlePerl &quot;decode_xs()&quot;和&quot;File::Glob::bsd_glob()&quot;远程代码执行漏洞