AIX Perl Advisory : perl_advisory4.asc

High Nessus Plugin ID 73735

Synopsis

The remote AIX host has a vulnerable version of Perl.

Description

The version of Perl on the remote host is affected by a code execution vulnerability.

The _compile function in Locale::Maketext in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation. This could allow context- dependent attackers to execute arbitrary commands via crafted input.

Solution

A fix is available, and it can be downloaded from the AIX website.
For AIX 5.3 or AIX 6.1, use perl61.zip, and for AIX 7.1 use perl71.zip.

IMPORTANT : If possible, it is recommended that a mksysb backup of the system be created. Verify it is both bootable and readable before proceeding.

To preview the fix installation :

 installp -apYd . perl

To install the fix package :

 installp -aXYd . perl

See Also

http://aix.software.ibm.com/aix/efixes/security/perl_advisory4.asc

https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp

Plugin Details

Severity: High

ID: 73735

File Name: aix_perl_advisory4.nasl

Version: 1.11

Type: local

Published: 2014/04/28

Updated: 2018/07/17

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:ibm:aix, cpe:/a:perl:perl

Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/04/23

Vulnerability Publication Date: 2013/01/04

Exploitable With

Metasploit (TWiki MAKETEXT Remote Command Execution)

Elliot (TWiki 5.1.2 RCE)

Reference Information

CVE: CVE-2012-6329

BID: 56852