RHEL 3 : perl (RHSA-2005:105)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated Perl packages that fix several security issues are now
available for Red Hat Enterprise Linux 3.

Perl is a high-level programming language commonly used for system
administration utilities and Web programming.

Kevin Finisterre discovered a stack based buffer overflow flaw in
sperl, the Perl setuid wrapper. A local user could create a sperl
executable script with a carefully created path name, overflowing the
buffer and leading to root privilege escalation. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2005-0156 to this issue.

Kevin Finisterre discovered a flaw in sperl which can cause debugging
information to be logged to arbitrary files. By setting an environment
variable, a local user could cause sperl to create, as root, files
with arbitrary filenames, or append the debugging information to
existing files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-0155 to this issue.

Users of Perl are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-0452.html
https://www.redhat.com/security/data/cve/CVE-2005-0155.html
https://www.redhat.com/security/data/cve/CVE-2005-0156.html
http://rhn.redhat.com/errata/RHSA-2005-105.html

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.8
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 16361 ()

Bugtraq ID: 12426

CVE ID: CVE-2004-0452
CVE-2005-0155
CVE-2005-0156