RHEL 4 : perl (RHSA-2005:103)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated Perl packages that fix several security issues are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the
Red Hat Security Response Team

Perl is a high-level programming language commonly used for system
administration utilities and Web programming.

Kevin Finisterre discovered a stack based buffer overflow flaw in
sperl, the Perl setuid wrapper. A local user could create a sperl
executable script with a carefully created path name, overflowing the
buffer and leading to root privilege escalation. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2005-0156 to this issue.

Kevin Finisterre discovered a flaw in sperl which can cause debugging
information to be logged to arbitrary files. By setting an environment
variable, a local user could cause sperl to create, as root, files
with arbitrary filenames, or append the debugging information to
existing files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-0155 to this issue.

An unsafe file permission bug was discovered in the rmtree() function
in the File::Path module. The rmtree() function removes files and
directories in an insecure manner, which could allow a local user to
read or delete arbitrary files. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-0452
to this issue.

Users of Perl are advised to upgrade to this updated package, which
contains backported patches to correct these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-0452.html
https://www.redhat.com/security/data/cve/CVE-2005-0155.html
https://www.redhat.com/security/data/cve/CVE-2005-0156.html
http://rhn.redhat.com/errata/RHSA-2005-103.html

Solution :

Update the affected perl and / or perl-suidperl packages.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 17187 ()

Bugtraq ID:

CVE ID: CVE-2004-0452
CVE-2005-0155
CVE-2005-0156