Amazon Linux AMI : perl (ALAS-2013-177)

high Nessus Plugin ID 69736

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5195)

A denial of service flaw was found in the way Perl's rehashing code implementation, responsible for recalculation of hash keys and redistribution of hash content, handled certain input. If an attacker supplied specially crafted input to be used as hash keys by a Perl application, it could cause excessive memory consumption.
(CVE-2013-1667)

It was found that the Perl CGI module, used to handle Common Gateway Interface requests and responses, incorrectly sanitized the values for Set-Cookie and P3P headers. If a Perl application using the CGI module reused cookies values and accepted untrusted input from web browsers, a remote attacker could use this flaw to alter member items of the cookie or add new items. (CVE-2012-5526)

It was found that the Perl Locale::Maketext module, used to localize Perl applications, did not properly handle backslashes or fully-qualified method names. An attacker could possibly use this flaw to execute arbitrary Perl code with the privileges of a Perl application that uses untrusted Locale::Maketext templates.
(CVE-2012-6329)

Solution

Run 'yum update perl' to update your system.

See Also

https://alas.aws.amazon.com/ALAS-2013-177.html

Plugin Details

Severity: High

ID: 69736

File Name: ala_ALAS-2013-177.nasl

Version: 1.9

Type: local

Agent: unix

Published: 9/4/2013

Updated: 2/7/2019

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Frictionless Assessment AWS, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:perl, p-cpe:/a:amazon:linux:perl-archive-extract, p-cpe:/a:amazon:linux:perl-archive-tar, p-cpe:/a:amazon:linux:perl-cgi, p-cpe:/a:amazon:linux:perl-cpan, p-cpe:/a:amazon:linux:perl-cpanplus, p-cpe:/a:amazon:linux:perl-compress-raw-bzip2, p-cpe:/a:amazon:linux:perl-compress-raw-zlib, p-cpe:/a:amazon:linux:perl-compress-zlib, p-cpe:/a:amazon:linux:perl-digest-sha, p-cpe:/a:amazon:linux:perl-extutils-cbuilder, p-cpe:/a:amazon:linux:perl-extutils-embed, p-cpe:/a:amazon:linux:perl-extutils-makemaker, p-cpe:/a:amazon:linux:perl-extutils-parsexs, p-cpe:/a:amazon:linux:perl-file-fetch, p-cpe:/a:amazon:linux:perl-io-compress-base, p-cpe:/a:amazon:linux:perl-io-compress-bzip2, p-cpe:/a:amazon:linux:perl-io-compress-zlib, p-cpe:/a:amazon:linux:perl-io-zlib, p-cpe:/a:amazon:linux:perl-ipc-cmd, p-cpe:/a:amazon:linux:perl-locale-maketext-simple, p-cpe:/a:amazon:linux:perl-log-message, p-cpe:/a:amazon:linux:perl-log-message-simple, p-cpe:/a:amazon:linux:perl-module-build, p-cpe:/a:amazon:linux:perl-module-corelist, p-cpe:/a:amazon:linux:perl-module-load, p-cpe:/a:amazon:linux:perl-module-load-conditional, p-cpe:/a:amazon:linux:perl-module-loaded, p-cpe:/a:amazon:linux:perl-module-pluggable, p-cpe:/a:amazon:linux:perl-object-accessor, p-cpe:/a:amazon:linux:perl-package-constants, p-cpe:/a:amazon:linux:perl-params-check, p-cpe:/a:amazon:linux:perl-parse-cpan-meta, p-cpe:/a:amazon:linux:perl-pod-escapes, p-cpe:/a:amazon:linux:perl-pod-simple, p-cpe:/a:amazon:linux:perl-term-ui, p-cpe:/a:amazon:linux:perl-test-harness, p-cpe:/a:amazon:linux:perl-test-simple, p-cpe:/a:amazon:linux:perl-time-hires, p-cpe:/a:amazon:linux:perl-time-piece, p-cpe:/a:amazon:linux:perl-core, p-cpe:/a:amazon:linux:perl-debuginfo, p-cpe:/a:amazon:linux:perl-devel, p-cpe:/a:amazon:linux:perl-libs, p-cpe:/a:amazon:linux:perl-parent, p-cpe:/a:amazon:linux:perl-suidperl, p-cpe:/a:amazon:linux:perl-version, cpe:/o:amazon:linux

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/15/2014

Vulnerability Publication Date: 11/21/2012

Exploitable With

Metasploit (TWiki MAKETEXT Remote Command Execution)

Elliot (TWiki 5.1.2 RCE)

Reference Information

CVE: CVE-2012-5195, CVE-2012-5526, CVE-2012-6329, CVE-2013-1667

ALAS: 2013-177

RHSA: 2013:0685