- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200501-38 (Perl: rmtree and DBI tmpfile vulnerabilities)
Javier Fernandez-Sanguino Pena discovered that the DBI library creates temporary files in an insecure, predictable way (CAN-2005-0077). Paul Szabo found out that 'File::Path::rmtree' is vulnerable to various race conditions (CAN-2004-0452, CAN-2005-0448).
Impact :
A local attacker could create symbolic links in the temporary files directory that point to a valid file somewhere on the filesystem. When the DBI library or File::Path::rmtree is executed, this could be used to overwrite or remove files with the rights of the user calling these functions.
Workaround :
There are no known workarounds at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top