- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-201709-12 (Perl: Race condition vulnerability)
A race condition occurs within concurrent environments. This condition was discovered by The cPanel Security Team in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl. This is due to the time-of-check-to-time-of-use (TOCTOU) race condition between the stat() that decides the inode is a directory and the chmod() that tries to make it user-rwx.
Impact :
A local attacker could exploit this condition to set arbitrary mode values on arbitrary files and hence bypass security restrictions.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top