seeing is believing
Showing 51 - 75 of 1,341 RSS Feed

Perl Files

Debian Security Advisory 3261-2
Posted May 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3261-2 - The update for libmodule-signature-perl issued as DSA-3261-1 introduced a regression in the handling of the --skip option of cpansign. Updated packages are now available to address this regression.

tags | advisory, perl
systems | linux, debian
MD5 | d2d892fb5ef9716d76503254a689f98c
Debian Security Advisory 3261-1
Posted May 15, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3261-1 - Multiple vulnerabilities were discovered in libmodule-signature-perl, a Perl module to manipulate CPAN SIGNATURE files.

tags | advisory, perl, vulnerability
systems | linux, debian
advisories | CVE-2015-3406, CVE-2015-3407, CVE-2015-3408, CVE-2015-3409
MD5 | 966dfd039384a1b80d4000f3c06200dd
SixApart MovableType Storable Perl Code Execution
Posted May 11, 2015
Authored by John Lightsey | Site metasploit.com

This Metasploit module exploits a serialization flaw in MovableType before 5.2.12 to execute arbitrary code. The default nondestructive mode depends on the target server having the Object::MultiType and DateTime Perl modules installed in Perl's @INC paths. The destructive mode of operation uses only required MovableType dependencies, but it will noticeably corrupt the MovableType installation.

tags | exploit, arbitrary, perl
advisories | CVE-2015-1592
MD5 | 58e0bdb12722f7cfa294fdb57f6af045
Debian Security Advisory 3243-1
Posted May 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3243-1 - Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

tags | advisory, perl
systems | linux, debian
advisories | CVE-2015-3451
MD5 | 50b79c25221ac98dac0acd6439f22999
Mandriva Linux Security Advisory 2015-207
Posted Apr 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-207 - Updated perl-Module-Signature package fixes the following security Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying the contents of a CPAN module, Module::Signature ignored some files in the extracted tarball that were not listed in the signature file. This included some files in the t/ directory that would execute automatically during make test When generating checksums from the signed manifest, Module::Signature used two argument open() calls to read the files. This allowed embedding arbitrary shell commands into the SIGNATURE file that would execute during the signature verification process. Several modules were loaded at runtime inside the extracted module directory. Modules like Text::Diff are not guaranteed to be available on all platforms and could be added to a malicious module so that they would load from the '.' path in \@INC.

tags | advisory, arbitrary, shell, perl
systems | linux, mandriva
MD5 | e9f6c1050a729cd31ef0b973b2c5d60b
Legend Perl IRC Bot Remote Code Execution
Posted Apr 27, 2015
Authored by Jay Turla

Simple proof of concept tool to leverage remote code execution on the Legend perl IRC bot.

tags | exploit, remote, perl, code execution, proof of concept
MD5 | 3b15b371ee3f1b458ce633d12ca2c3cb
Debian Security Advisory 3219-1
Posted Apr 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3219-1 - Stefan Roas discovered a way to cause a buffer overflow in DBD-FireBird, a Perl DBI driver for the Firebird RDBMS, in certain error conditions, due to the use of the sprintf() function to write to a fixed-size memory buffer.

tags | advisory, overflow, perl
systems | linux, debian
advisories | CVE-2015-2788
MD5 | 1df45e3907cee5977601ef2249ea41cc
Mandriva Linux Security Advisory 2015-136
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-136 - The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function. Also, the Text::Wrap version provided in perl contains a bug that can lead to a code path that shouldn't be hit. This can lead to crashes in other software, such as Bugzilla. The Text::Wrap module bundled with Perl has been patched and the Data::Dumper module bundled with Perl has been updated to fix these issues.

tags | advisory, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-4330
MD5 | eec4db20e91727a9b339e9d324da5749
Mandriva Linux Security Advisory 2015-092
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-092 - Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects. Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled. A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the -OQ option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, remote, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-2284, CVE-2014-2285, CVE-2014-3565
MD5 | 995d5d3ad38c457a1c526a324650b2c3
TWiki Debugenableplugins Remote Code Execution
Posted Mar 19, 2015
Authored by h0ng10, Netanel Rubin | Site metasploit.com

TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution.

tags | exploit, remote, perl, code execution
advisories | CVE-2014-7236
MD5 | 861350151f1243072a1bf5d32e992c39
Red Hat Security Advisory 2015-0330-02
Posted Mar 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0330-02 - PCRE is a Perl-compatible regular expression library. A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application linked against PCRE to crash while parsing malicious regular expressions. This update also adds the following enhancement: Support for the little-endian variant of IBM Power Systems has been added to the pcre packages.

tags | advisory, perl
systems | linux, redhat
advisories | CVE-2014-8964
MD5 | c4681d3aec63d87299612055c3b26f17
Debian Security Advisory 3173-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3173-1 - It was discovered that libgtk2-perl, a Perl interface to the 2.x series of the Gimp Toolkit library, incorrectly frees memory which GTK+ still holds onto and might access later, leading to denial of service (application crash) or, potentially, to arbitrary code execution.

tags | advisory, denial of service, arbitrary, perl, code execution
systems | linux, debian
MD5 | af51051e534edef52f74835df9f5a0ff
Juli Man-In-The-Middle Script
Posted Feb 21, 2015
Authored by em616

This is a simple perl script for setting up man-in-the-middle attacks on Linux.

tags | tool, perl
systems | linux, unix
MD5 | a64484ef0e9bbad1e66c9c13412d4567
Mandriva Linux Security Advisory 2015-044
Posted Feb 12, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-044 - Incorrect memory management in Gtk2::Gdk::Display::list_devices in perl-Gtk2 before 1.2495, where, the code was freeing memory that gtk+ still holds onto and might access later. The updated packages have been patched to correct this issue.

tags | advisory, perl
systems | linux, mandriva
MD5 | 4494db134fc970f9caa713efd9f07f8b
Ubuntu Security Notice USN-2461-2
Posted Jan 13, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2461-2 - Stanislaw Pitucha and Jonathan Gray discovered that libyaml-libyaml-perl did not properly handle wrapped strings. An attacker could create specially crafted YAML data to trigger an assert, causing a denial of service.

tags | advisory, denial of service, perl
systems | linux, ubuntu
advisories | CVE-2014-9130
MD5 | 98cee7a4829c3edaa3a39fe7e418f7d1
Shodan Tool 0.6
Posted Jan 10, 2015
Authored by Doddy Hackman

Shodan Tool is a perl script that allows you to search for vulnerabilities in Shodan.

tags | tool, scanner, perl, vulnerability
systems | unix
MD5 | 4aaa0f871fbe478d38f4a70f76af26a8
WP-Bruteforce c0d3Lib WordPress Bruteforcing Tool
Posted Jan 8, 2015
Authored by Agha Nata

This is a perl script to bruteforce logins on WordPress.

tags | tool, cracker, perl
MD5 | ed394d86c2065524b5258e2632cf68dc
Mandriva Linux Security Advisory 2014-242
Posted Dec 15, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-242 - An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. The perl-YAML-LibYAML package is also affected, as it was derived from the same code. Both have been patched to fix this issue.

tags | advisory, perl
systems | linux, mandriva
advisories | CVE-2014-9130
MD5 | a6827f64e5910be462be455ebdd112ef
Mandriva Linux Security Advisory 2014-199
Posted Oct 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-199 - Updated perl and perl-Data-Dumper packages fixes security The Dumper method in Data::Dumper before 2.154, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function. The Data::Dumper module bundled with perl and the perl-Data-Dumper packages has been updated to fix this issue.

tags | advisory, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-4330
MD5 | 7378f2ab1a911ae12fb18612b875a533
HP Data Protector EXEC_INTEGUTIL Remote Code Execution
Posted Oct 21, 2014
Authored by Aniway, juan vazquez | Site metasploit.com

This exploit abuses a vulnerability in the HP Data Protector. The vulnerability exists in the Backup client service, which listens by default on TCP/5555. The EXEC_INTEGUTIL request allows to execute arbitrary commands from a restricted directory. Since it includes a perl executable, it's possible to use an EXEC_INTEGUTIL packet to execute arbitrary code. On linux targets, the perl binary isn't on the restricted directory, but an EXEC_BAR packet can be used to access the perl binary, even in the last version of HP Data Protector for linux. This Metasploit module has been tested successfully on HP Data Protector 9 over Windows 2008 R2 64 bits and CentOS 6 64 bits.

tags | exploit, arbitrary, perl, tcp
systems | linux, windows, centos
MD5 | 97b7fba08bd2896683e6299d64a0465b
Gentoo Linux Security Advisory 201410-02
Posted Oct 13, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201410-2 - Multiple vulnerabilities have been found in Perl Locale-Maketext module, allowing remote attackers to inject and execute arbitrary Perl code. Versions prior to 1.230.0 are affected.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6329
MD5 | e65faf0ade818c9256ca3a7b56e696ad
Twiki Perl Code Execution
Posted Oct 10, 2014
Authored by Peter Thoeny

The debugenableplugins request parameter in Twiki versions 4.x, 5.x, and 6.0.0 allows arbitrary Perl code execution.

tags | exploit, arbitrary, perl, code execution
advisories | CVE-2014-7236
MD5 | f6bd86cf1ce91b013111856c03894bcf
Mandriva Linux Security Advisory 2014-192
Posted Oct 3, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-192 - The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service via an empty quoted string in an RFC 2822 address. The Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service via vectors related to backtracking into the phrase.

tags | advisory, remote, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-0477, CVE-2014-4720
MD5 | a23dafdcbef4536016bec1dfd6dce173
Mandriva Linux Security Advisory 2014-191
Posted Sep 30, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-191 - The mkxmltype and mkdtskel scripts provided in perl-XML-DT allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.

tags | advisory, arbitrary, local, perl
systems | linux, mandriva
advisories | CVE-2014-5260
MD5 | a5850a95649f975bb2d1424a648f5e5a
Gnu Bash 4.3 CGI REFERER Command Injection
Posted Sep 26, 2014
Authored by Simo Ben Youssef | Site morxploit.com

GNU Bash versions 4.3 and below remote command injection exploit that leverages the REFERER header on vulnerable CGI scripts. Launches a connect-back shell. Written in Perl.

tags | exploit, remote, shell, cgi, perl, bash
advisories | CVE-2014-6271, CVE-2014-7169
MD5 | 4531f89bff0df788f0425631f66f06b4
Page 3 of 54
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close