what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2010-1168

Status Candidate

Overview

The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods."

Related Files

Gentoo Linux Security Advisory 201111-09
Posted Nov 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201111-9 - The Safe module for Perl does not properly restrict code, allowing a remote attacker to execute arbitrary Perl code outside of a restricted compartment. Versions less than 2.27 are affected.

tags | advisory, remote, arbitrary, perl
systems | linux, gentoo
advisories | CVE-2010-1168
SHA-256 | 0325270b4e7a8cddcbb170ebabeb22ee46a13183f5b168584d5b1193f8aef0d2
Ubuntu Security Notice USN-1129-1
Posted May 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1129-1 - It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. It was discovered that the CGI.pm Perl module incorrectly handled certain MIME boundary strings. It was discovered that the CGI.pm Perl module incorrectly handled newline characters. It was discovered that the lc, lcfirst, uc, and ucfirst functions did not properly apply the taint attribute when processing tainted input.

tags | advisory, cgi, perl
systems | linux, ubuntu
advisories | CVE-2010-1168, CVE-2010-1447, CVE-2010-2761, CVE-2010-4410, CVE-2010-4411, CVE-2011-1487
SHA-256 | d9b1c961a1a1802599f059cb53ed30cf4056e452151be196e148d2b3c967d09f
VMware Security Advisory 2010-0013
Posted Sep 1, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - The service console package cpio is updated to version 2.5-6.RHEL3. The service console package tar is updated to version 1.13.25-16.RHEL3. The service console packages for samba are updated to version samba-3.0.9-1.3E.17vmw, samba-client-3.0.9-1.3E.17vmw and samba-common-3.0.9-1.3E.17vmw. The service console package krb5 is updated to version 1.2.7-72. The service console package perl is updated to version 5.8.0-101.EL3.

tags | advisory, perl
advisories | CVE-2005-4268, CVE-2010-0624, CVE-2010-0624, CVE-2010-2063, CVE-2010-1321, CVE-2010-1168, CVE-2010-1447
SHA-256 | d9f282f0d9f5fec35a2bbedbc199700f42e61ad6e7d07ff47128d015784fd210
Mandriva Linux Security Advisory 2010-115
Posted Jun 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-115 - Multiple vulnerabilities has been discovered and corrected in Safe.pm which could lead to escalated privileges. The updated packages have been patched to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-1168, CVE-2010-1447
SHA-256 | 36f21e4276a78e4439758638503920720b47ea7ed8c3499fb0c30db947d81b37
Mandriva Linux Security Advisory 2010-116
Posted Jun 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-116 - Multiple vulnerabilities has been discovered and corrected in Path.pm and Safe.pm which could lead to escalated privilegies. The updated packages have been patched to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5302, CVE-2008-5303, CVE-2010-1168, CVE-2010-1447
SHA-256 | 278ee32972da2900f2577f8e89442cf702bae4ae30d56a75844b8ed4546a7c97
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close