SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |   



Category:   Application (Generic)  >   Perl Vendors:   Wall, Larry
(Red Hat Issues Fix) Perl File::Path.pm rmtree() Race Condition May Let Local Users Create Privileged Binaries
SecurityTracker Alert ID:  1015007
SecurityTracker URL:  https://securitytracker.com/id/1015007
CVE Reference:   CVE-2005-0448   (Links to External Site)
Updated:  Dec 20 2005
Original Entry Date:  Oct 5 2005
Impact:   Modification of system information, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 5.8.4
Description:   In March 2005, a vulnerability was reported in the rmtree() function in File::Path.pm. A local user may be able to create set user id (setuid) binaries in certain cases.

A local user can exploit a race condition to create setuid binaries in a directory tree while the directory tree is being deleted by a root level user. The user must have write permissions in that directory tree to exploit this flaw.

Paul Szabo discovered this vulnerability.
Impact:   A local user can create setuid binaries in certain cases.
Solution:   Red Hat has released a fix.

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/perl-5.8.5-16.RHEL4.src.rpm
680ce92a9da6cccf344e1b13123d9aaa perl-5.8.5-16.RHEL4.src.rpm

i386:
9ec1570c81d4034b22e5b4e10d1b9e18 perl-5.8.5-16.RHEL4.i386.rpm
cfe9e85adc4c8faa977e56f3ff06abd3 perl-suidperl-5.8.5-16.RHEL4.i386.rpm

ia64:
453283cb6c5d392580a318ddf0a5fbb5 perl-5.8.5-16.RHEL4.ia64.rpm
9f01a4ef79fc601ac34892d5df64a7a4 perl-suidperl-5.8.5-16.RHEL4.ia64.rpm

ppc:
89dad8dbc4dc1ca219ad353c0ebce105 perl-5.8.5-16.RHEL4.ppc.rpm
d768e18d710ed0ddf9ff928cd7b62991 perl-suidperl-5.8.5-16.RHEL4.ppc.rpm

s390:
d2b9782e99e123ada2a42c0719d4286b perl-5.8.5-16.RHEL4.s390.rpm
786148799901a80afa9ae8ecd8a08c88 perl-suidperl-5.8.5-16.RHEL4.s390.rpm

s390x:
d2a24c5fbc21634c1242477a1f959df8 perl-5.8.5-16.RHEL4.s390x.rpm
ef1e3ff9dfeb8bb39807841fdabbc3c9 perl-suidperl-5.8.5-16.RHEL4.s390x.rpm

x86_64:
0d14d35ee0f24120c7e3e36e17ee3ea1 perl-5.8.5-16.RHEL4.x86_64.rpm
41c3d79fba9d74c3e7da6f57d4d167ee perl-suidperl-5.8.5-16.RHEL4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/perl-5.8.5-16.RHEL4.src.rpm
680ce92a9da6cccf344e1b13123d9aaa perl-5.8.5-16.RHEL4.src.rpm

i386:
9ec1570c81d4034b22e5b4e10d1b9e18 perl-5.8.5-16.RHEL4.i386.rpm
cfe9e85adc4c8faa977e56f3ff06abd3 perl-suidperl-5.8.5-16.RHEL4.i386.rpm

x86_64:
0d14d35ee0f24120c7e3e36e17ee3ea1 perl-5.8.5-16.RHEL4.x86_64.rpm
41c3d79fba9d74c3e7da6f57d4d167ee perl-suidperl-5.8.5-16.RHEL4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/perl-5.8.5-16.RHEL4.src.rpm
680ce92a9da6cccf344e1b13123d9aaa perl-5.8.5-16.RHEL4.src.rpm

i386:
9ec1570c81d4034b22e5b4e10d1b9e18 perl-5.8.5-16.RHEL4.i386.rpm
cfe9e85adc4c8faa977e56f3ff06abd3 perl-suidperl-5.8.5-16.RHEL4.i386.rpm

ia64:
453283cb6c5d392580a318ddf0a5fbb5 perl-5.8.5-16.RHEL4.ia64.rpm
9f01a4ef79fc601ac34892d5df64a7a4 perl-suidperl-5.8.5-16.RHEL4.ia64.rpm

x86_64:
0d14d35ee0f24120c7e3e36e17ee3ea1 perl-5.8.5-16.RHEL4.x86_64.rpm
41c3d79fba9d74c3e7da6f57d4d167ee perl-suidperl-5.8.5-16.RHEL4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/perl-5.8.5-16.RHEL4.src.rpm
680ce92a9da6cccf344e1b13123d9aaa perl-5.8.5-16.RHEL4.src.rpm

i386:
9ec1570c81d4034b22e5b4e10d1b9e18 perl-5.8.5-16.RHEL4.i386.rpm
cfe9e85adc4c8faa977e56f3ff06abd3 perl-suidperl-5.8.5-16.RHEL4.i386.rpm

ia64:
453283cb6c5d392580a318ddf0a5fbb5 perl-5.8.5-16.RHEL4.ia64.rpm
9f01a4ef79fc601ac34892d5df64a7a4 perl-suidperl-5.8.5-16.RHEL4.ia64.rpm

x86_64:
0d14d35ee0f24120c7e3e36e17ee3ea1 perl-5.8.5-16.RHEL4.x86_64.rpm
41c3d79fba9d74c3e7da6f57d4d167ee perl-suidperl-5.8.5-16.RHEL4.x86_64.rpm

The vendor's advisory is available at:

https://rhn.redhat.com/errata/RHSA-2005-674.html
Cause:   Access control error, State error
Underlying OS:  Linux (Red Hat Enterprise)
Underlying OS Comments:  4

Message History:   This archive entry is a follow-up to the message listed below.
Jun 16 2005 Perl File::Path.pm rmtree() Race Condition May Let Local Users Create Privileged Binaries


 Source Message Contents
Subject:  [RHSA-2005:674-01] Low: perl security update


[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search


Content previously copyright SecurityGlobal.net LLC placed in the public domain on December 31, 2019.