ID CVE-2006-3813
Summary A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information.
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux:4.0:*:linux_kernel_2.6.9:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:4.0:*:linux_kernel_2.6.9:*:*:*:*:*
CVSS
Base: 2.1 (as of 11-10-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:N
oval via4
accepted 2013-04-29T04:19:32.770-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information.
family unix
id oval:org.mitre.oval:def:9456
status accepted
submitted 2010-07-09T03:56:16-04:00
title A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information.
version 29
redhat via4
advisories
bugzilla
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304025
    • OR
      • AND
        • comment perl is earlier than 3:5.8.5-36.RHEL4
          oval oval:com.redhat.rhsa:tst:20060605001
        • comment perl is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060605002
      • AND
        • comment perl-suidperl is earlier than 3:5.8.5-36.RHEL4
          oval oval:com.redhat.rhsa:tst:20060605003
        • comment perl-suidperl is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060605004
rhsa
id RHSA-2006:0605
released 2006-08-10
severity Important
title RHSA-2006:0605: perl security update (Important)
rpms
  • perl-3:5.8.5-36.RHEL4
  • perl-debuginfo-3:5.8.5-36.RHEL4
  • perl-suidperl-3:5.8.5-36.RHEL4
refmap via4
confirm http://support.avaya.com/elmodocs2/security/ASA-2006-163.htm
secunia 21646
Last major update 11-10-2017 - 01:31
Published 11-08-2006 - 21:04
Last modified 11-10-2017 - 01:31
Back to Top