FreeBSD : perl -- File::Path insecure file/directory permissions (c418d472-6bd1-11d9-93ca-000a95bc6fae)

low Nessus Plugin ID 19112

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Jeroen van Wolffelaar reports that the Perl module File::Path contains a race condition wherein traversed directories and files are temporarily made world-readable/writable.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?52802ced

http://www.nessus.org/u?2d535b15

Plugin Details

Severity: Low

ID: 19112

File Name: freebsd_pkg_c418d4726bd111d993ca000a95bc6fae.nasl

Version: 1.19

Type: local

Published: 7/13/2005

Updated: 1/6/2021

Risk Information

VPR

Risk Factor: Medium

Score: 4

CVSS v2

Risk Factor: Low

Base Score: 2.6

Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:perl, p-cpe:/a:freebsd:freebsd:perl-threaded, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/21/2005

Vulnerability Publication Date: 12/30/2004

Reference Information

CVE: CVE-2004-0452

DSA: 620