Gentoo Linux Security Advisory 201709-12 - A vulnerability in module File::Path for Perl allows local attackers to set arbitrary mode values on arbitrary files bypassing security restrictions. Versions less than 5.24.1-r2 are affected.
5620847c3a8f249a70ab67b6ec52b2b1360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
2cba5e7f228859fd636962a64d3f49d0check_siem is a security incidents and events monitor written in Perl. It reports on unusual user, process, net, and file activities by leveraging fuzzy LSOF statistics. Think of it as a fun-sized HIDS.
1aea048508da5cbbeaf7f61b00c2598fRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
c625bcb5e226d1f2a7a3a530b7e4fbd9Debian Linux Security Advisory 3873-1 - The cPanel Security Team reported a time of check to time of use (TOCTTOU) race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to a attacker-chosen value.
599f343c6f8c0a3ef16c7eb1a857ccb8Uberscan is an IP scanner and brute forcing tool all in one. Written in perl.
c2206c84617814483c4882184580d507360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
b89c2831979ada2d1e3b0440139a40b5360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
ccc8ee4c1cae5c44a1d4530da9387ca9Gentoo Linux Security Advisory 201701-75 - Multiple vulnerabilities have been found in Perl, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 5.22.3_rc4 are affected.
aadc81a6433dc3251362cd7f85b56bd8VBScan is a black box vBulletin vulnerability scanner written in perl.
cd8948f91ed8d7abf1aabfd6df5c7551VBScan is a black box vBulletin vulnerability scanner written in perl.
ab8f36c6254b92a9bcade76be6484200Debian Linux Security Advisory 3684-1 - Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.
948dde10da1adfd60275906fdbc47fab360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
1873a9b926565710ead0a8b996652ead360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
8ba032177a73e72a1b286b83ac1fd08eHP Security Bulletin HPSBNS03635 1 - Multiple potential remote and local vulnerabilities impacting Perl and PHP have been addressed by HPE NonStop Servers OSS Script Languages. The vulnerabilities include Perl's opportunistic loading of optional modules which might allow local users to gain elevation of privilege via a Trojan horse library under the current working directory. Revision 1 of this advisory.
208143266211c16a2e73608c2b984f2cDebian Linux Security Advisory 3635-1 - Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl DBI driver for the MySQL database server. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.
33c26c77e3467008c0dcf4e21badd253Debian Linux Security Advisory 3628-1 - Multiple vulnerabilities were discovered in the implementation of the Perl programming language.
954df4e8b02c51487e71cb3bba066346Red Hat Security Advisory 2016-1132-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library, to implement regular expression support in SQL queries. Security Fix: It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client.
9c19f528cc0287353b03402e02574b87Red Hat Security Advisory 2016-1025-01 - PCRE is a Perl-compatible regular expression library. Security Fix: Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code.
ea4c5211eeddf89b210e60b859ff9162VBScan is a black box vBulletin vulnerability scanner written in perl.
c1649d6f39cb0e909b68b01e771909b0This Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the "perl_startup" configuration parameter.
1b3e86403723d9ae893f6c3110bbd0c2Perl version 5.22 suffers from two out-of-bounds reads and multiple small buffer over-read vulnerabilities in the VDir::MapPathA and VDir::MapPathW functions that could potentially be exploited to achieve arbitrary code execution.
7bd4f274aa06f06b50d992e05391c4adSome installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This requires a superuser. This is usually postgres. The execution should be platform-agnostic, and has been tested on OS X, Windows, and Linux. This Metasploit module attempts to load Perl or Python to execute system commands. As this dynamically loads a scripting language to execute commands, it is not necessary to drop a file on the filesystem. Only Postgres 8 and up are supported.
3c81d94f69a7a70e2c856b1c3cb07ab0Exim versions prior to 4.86.2 suffer from a local root privilege escalation vulnerability. When Exim installation has been compiled with Perl support and contains a perl_startup configuration variable it can be exploited by malicious local attackers to gain root privileges.
dfa8bd2eefce417043294f1a91f32077360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
53c3fed007d6fe8832181128c05510a5
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed