CVE-2005-0156

NONE EPSS 67.2%
Published Feb 7, 2005 (21y ago) · Last Modified Jun 16, 2026 (2w ago)

Description

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

Threat Intelligence

EPSS Exploit Probability
67.2% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Affected Products 32

Vendor      Product                   Version    Range
larry_wall  perl                      5.8.0      any
larry_wall  perl                      5.8.1      any
larry_wall  perl                      5.8.3      any
larry_wall  perl                      5.8.4      any
larry_wall  perl                      5.8.4.1    any
larry_wall  perl                      5.8.4.2    any
larry_wall  perl                      5.8.4.2.3  any
larry_wall  perl                      5.8.4.3    any
larry_wall  perl                      5.8.4.4    any
larry_wall  perl                      5.8.4.5    any
sgi         propack                   3.0        any
ibm         aix                       5.2        any
ibm         aix                       5.3        any
redhat      enterprise_linux          3.0        any
redhat      enterprise_linux          3.0        any
redhat      enterprise_linux          3.0        any
redhat      enterprise_linux_desktop  3.0        any
redhat      fedora_core               core_3.0   any
suse        suse_linux                8.0        any
suse        suse_linux                8.0        any
suse        suse_linux                8.1        any
suse        suse_linux                8.2        any
suse        suse_linux                9.0        any
suse        suse_linux                9.0        any
suse        suse_linux                9.1        any
suse        suse_linux                9.2        any
trustix     secure_linux              1.5        any
trustix     secure_linux              2.0        any
trustix     secure_linux              2.1        any
trustix     secure_linux              2.2        any
ubuntu      ubuntu_linux              4.1        any
ubuntu      ubuntu_linux              4.1        any

References 15

  • distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
  • fedoranews.org http://fedoranews.org/updates/FEDORA--.shtml
  • marc.info http://marc.info/?l=bugtraq&m=110737149402683&w=2
  • marc.info http://marc.info/?l=full-disclosure&m=110779721503111&w=2
  • secunia.com http://secunia.com/advisories/14120
  • secunia.com http://secunia.com/advisories/55314
  • digitalmunition.com http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml
    Exploit, Vendor Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:031
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-103.html
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-105.html
    Patch, Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/12426
    Patch, Vendor Advisory
  • trustix.org http://www.trustix.org/errata/2005/0003/
    Patch, Vendor Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/19208
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803

Remediation

  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-103.html
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-105.html
    Patch, Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/12426
    Patch, Vendor Advisory
  • trustix.org http://www.trustix.org/errata/2005/0003/
    Patch, Vendor Advisory