CVE-2013-2145

描述

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.

受影響套件(1)

• Debian/libmodule-signature-perlfrom 0, < 0.73-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2145