exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2005-3962

Status Candidate

Overview

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

Related Files

HP Security Bulletin 2006-11.5
Posted Jul 2, 2006
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in Perl 5.8.2 and earlier running on HP Tru64 UNIX. These vulnerabilities could be exploited by a local user to execute unauthorized code.

tags | advisory, local, perl, vulnerability
systems | unix
advisories | CVE-2005-3962
SHA-256 | d23a8ee6f8d087198ee77c28904792640cf69c9be7a9730cfe5d3211938739c9
Debian Linux Security Advisory 943-1
Posted Jan 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory DSA 943-1 - Jack Louis discovered an integer overflow in Perl, Larry Wall's Practical Extraction and Report Language, that allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via specially crafted content that is passed to vulnerable format strings of third party software.

tags | advisory, overflow, arbitrary, perl
systems | linux, debian
advisories | CVE-2005-3962
SHA-256 | 418585b662fa3f0b96fc83f0a0222571bfad3e5b4be53af7f5c8f8187924280a
Trustix Secure Linux Security Advisory 2005.70
Posted Dec 14, 2005
Authored by Trustix | Site http.trustix.org

Trustix Secure Linux Security Advisory #2005-0070 - Multiple kernel vulnerabilities and a perl vulnerability have been addressed in this advisory.

tags | advisory, kernel, perl, vulnerability
systems | linux
advisories | CVE-2005-3807, CVE-2005-3784, CVE-2005-3857, CVE-2005-3962
SHA-256 | 9fb8586d1071b91a0ddf0e2fd5bab8c2f75ccfb7324332719c2e70603832cd40
Ubuntu Security Notice 222-1
Posted Dec 3, 2005
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-222-1 - Jack Louis of Dyad Security discovered that Perl did not sufficiently check the explicit length argument in format strings. Specially crafted format strings with overly large length arguments led to a crash of the Perl interpreter or even to execution of arbitrary attacker-defined code with the privileges of the user running the Perl program.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2005-3962
SHA-256 | bfe55a56e657241ef7dc2839ec85a1d525daa274af5d85c1db814fa6967a6512
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close