How to Buy
This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200502-13
(Perl: Vulnerabilities in perl-suid wrapper)
perl-suid scripts honor the PERLIO_DEBUG environment variable and
write to that file with elevated privileges (CAN-2005-0155).
Furthermore, calling a perl-suid script with a very long path while
PERLIO_DEBUG is set could trigger a buffer overflow (CAN-2005-0156).
A local attacker could set the PERLIO_DEBUG environment variable
and call existing perl-suid scripts, resulting in file overwriting and
potentially the execution of arbitrary code with root privileges.
You are not vulnerable if you do not have the perlsuid USE flag
set or do not use perl-suid scripts.
See also :
All Perl users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose dev-lang/perl
Risk factor :
Medium / CVSS Base Score : 4.6
Public Exploit Available : true
Family: Gentoo Local Security Checks
Nessus Plugin ID: 16450 (gentoo_GLSA-200502-13.nasl)
CVE ID: CVE-2005-0155CVE-2005-0156
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.