CVE-2008-2827 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-2827
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-2827

Description: The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/43308 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html ST 1020373 SAID Secunia Advisory: SA30790 Secunia Advisory: SA30837 Secunia Advisory: SA31687 MISC http://rt.cpan.org/Public/Bug/Display.html?id=36982 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:165 FEDORA CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 BID 29902

Return to the previous page.