CVE-2008-2827

EPSS 0.10%

perl - information disclosure / permission bypass

發布日:2008/6/23修改日:2026/4/28

描述

The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.

受影響套件(2)

Debian/perlfrom 0, < 5.10.0-11
Debian/perlfrom 0, < 5.10.0-10+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2827