New Search

Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world which allows local users to delete arbitrary files and directories and possibly read files and directories via a symlink attack.

oval:org.mitre.oval:def:10404

The PerlIO implementation in Perl 5.8.0 when installed with setuid support (sperl) allows local users to create arbitrary files via the PERLIO_DEBUG variable.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 3
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2005-0155
Product(s):