ID CVE-2005-0077
Summary The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
References
Vulnerable Configurations
  • cpe:2.3:o:debian:debian_linux:3.0:-:woody
    cpe:2.3:o:debian:debian_linux:3.0:-:woody
  • Gentoo Linux
    cpe:2.3:o:gentoo:linux
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:advanced_server
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:workstation
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:workstation
  • Red Hat Desktop 4.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:4.0
  • cpe:2.3:o:ubuntu:ubuntu_linux:4.10
    cpe:2.3:o:ubuntu:ubuntu_linux:4.10
CVSS
Base: 2.1 (as of 02-06-2005 - 22:05)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-030.NASL
    description Javier Fernandez-Sanguino Pena disovered the perl5 DBI library created a temporary PID file in an insecure manner, which could be exploited by a malicious user to overwrite arbitrary files owned by the user executing the parts of the library. The updated packages have been patched to prevent these problems.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 16359
    published 2005-02-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16359
    title Mandrake Linux Security Advisory : perl-DBI (MDKSA-2005:030)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-069.NASL
    description An updated perl-DBI package that fixes a temporary file flaw in DBI::ProxyServer is now available. DBI is a database access Application Programming Interface (API) for the Perl programming language. The Debian Security Audit Project discovered that the DBI library creates a temporary PID file in an insecure manner. A local user could overwrite or create files as a different user who happens to run an application which uses DBI::ProxyServer. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0077 to this issue. Users should update to this erratum package which disables the temporary PID file unless configured.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 16298
    published 2005-02-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16298
    title RHEL 2.1 / 3 : perl (RHSA-2005:069)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_9838.NASL
    description This update fixes insecure temp. file handling. (CVE-2005-0077)
    last seen 2018-11-17
    modified 2018-11-15
    plugin id 41346
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41346
    title SuSE9 Security Update : perl-DBI (YOU Patch Number 9838)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-658.NASL
    description Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 16249
    published 2005-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16249
    title Debian DSA-658-1 : libdbi-perl - insecure temporary file
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200501-38.NASL
    description The remote host is affected by the vulnerability described in GLSA-200501-38 (Perl: rmtree and DBI tmpfile vulnerabilities) Javier Fernandez-Sanguino Pena discovered that the DBI library creates temporary files in an insecure, predictable way (CAN-2005-0077). Paul Szabo found out that 'File::Path::rmtree' is vulnerable to various race conditions (CAN-2004-0452, CAN-2005-0448). Impact : A local attacker could create symbolic links in the temporary files directory that point to a valid file somewhere on the filesystem. When the DBI library or File::Path::rmtree is executed, this could be used to overwrite or remove files with the rights of the user calling these functions. Workaround : There are no known workarounds at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 16429
    published 2005-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16429
    title GLSA-200501-38 : Perl: rmtree and DBI tmpfile vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-072.NASL
    description An updated perl-DBI package that fixes a temporary file flaw in DBI::ProxyServer is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. DBI is a database access Application Programming Interface (API) for the Perl programming language. The Debian Security Audit Project discovered that the DBI library creates a temporary PID file in an insecure manner. A local user could overwrite or create files as a different user who happens to run an application which uses DBI::ProxyServer. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0077 to this issue. Users should update to this erratum package which disables the temporary PID file unless configured.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17180
    published 2005-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17180
    title RHEL 4 : perl-DBI (RHSA-2005:072)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-70-1.NASL
    description Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered that the module DBI::ProxyServer in Perl's DBI library created a PID file in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking a program using this module (like 'dbiproxy'). Now the module does not create a such a PID file by default. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20691
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20691
    title Ubuntu 4.10 : libdbi-perl vulnerabilities (USN-70-1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_8CFB6F42D2B011DAA672000E0C2E438A.NASL
    description Javier Fernandez-Sanguino Pena reports : The DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21470
    published 2006-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21470
    title FreeBSD : p5-DBI -- insecure temporary file creation vulnerability (8cfb6f42-d2b0-11da-a672-000e0c2e438a)
oval via4
accepted 2013-04-29T04:06:39.204-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
family unix
id oval:org.mitre.oval:def:10552
status accepted
submitted 2010-07-09T03:56:16-04:00
title arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
version 22
redhat via4
advisories
rhsa
id RHSA-2005:072
refmap via4
bid 12360
bugtraq 20050125 [USN-70-1] Perl DBI module vulnerability
debian DSA-658
fedora FLSA-2006:178989
gentoo GLSA-200501-38
mandrake MDKSA-2005:030
sectrack 1013007
secunia
  • 14015
  • 14050
xf dbi-library-file-overwrite(19068)
Last major update 17-10-2016 - 23:07
Published 02-05-2005 - 00:00
Last modified 19-10-2018 - 11:31
Back to Top