CVE-2005-0448
perl - design flaw
EPSS 0.09%
Description
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
How to fix CVE-2005-0448
To remediate CVE-2005-0448, upgrade the affected package to a fixed version below.
- Debian/perl—upgrade to 5.8.4-7 or later
- Debian/perl—upgrade to 5.6.1-8.9 or later
Is CVE-2005-0448 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 5.8.4-7
- from 0, < 5.6.1-8.9