Nessus Plugin #17600
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA696] DSA-696-1 perl
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2005 Michel Arboi
- Summary:
- DSA-696-1 perl
- Version:
- $Revision: 1.1 $
- Cve_id:
- CAN-2005-0448
- Bugtraq_id:
- -
- Xrefs:
- DSA:696
- Description:
Paul Szabo discovered another vulnerability in the File::Path::rmtree
function of perl, the popular scripting language. When a process is
deleting a directory tree, a different user could exploit a race
condition to create setuid binaries in this directory tree, provided
that he already had write permissions in any subdirectory of that
tree.
For the stable distribution (woody) this problem has been fixed in
version 5.6.1-8.9.
For the unstable distribution (sid) this problem has been fixed in
version 5.8.4-8.
We recommend that you upgrade your perl packages.
Solution : http://www.debian.org/security/2005/dsa-696
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.