2.1

CVE-2005-0156

Exploit

EPSS 0.39%
Published 07.02.2005 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

Affected products Warnungen 0 Metrics 2 CWE 0 References 18

Data is provided by the National Vulnerability Database (NVD)

Larry Wall ≫ Perl Version5.8.0

Larry Wall ≫ Perl Version5.8.1

Larry Wall ≫ Perl Version5.8.3

Larry Wall ≫ Perl Version5.8.4

Larry Wall ≫ Perl Version5.8.4.1

Larry Wall ≫ Perl Version5.8.4.2

Larry Wall ≫ Perl Version5.8.4.2.3

Larry Wall ≫ Perl Version5.8.4.3

Larry Wall ≫ Perl Version5.8.4.4

Larry Wall ≫ Perl Version5.8.4.5

Sgi ≫ Propack Version3.0

Ibm ≫ Aix Version5.2

Ibm ≫ Aix Version5.3

Redhat ≫ Enterprise Linux Version3.0 Editionadvanced_server

Redhat ≫ Enterprise Linux Version3.0 Editionenterprise_server

Redhat ≫ Enterprise Linux Version3.0 Editionworkstation_server

Redhat ≫ Enterprise Linux Desktop Version3.0

Redhat ≫ Fedora Core Versioncore_3.0

Suse ≫ Suse Linux Version8.0

Suse ≫ Suse Linux Version8.0 Editioni386

Suse ≫ Suse Linux Version8.1

Suse ≫ Suse Linux Version8.2

Suse ≫ Suse Linux Version9.0

Suse ≫ Suse Linux Version9.0 Editionx86_64

Suse ≫ Suse Linux Version9.1

Suse ≫ Suse Linux Version9.2

Trustix ≫ Secure Linux Version1.5

Trustix ≫ Secure Linux Version2.0

Trustix ≫ Secure Linux Version2.1

Trustix ≫ Secure Linux Version2.2

Ubuntu ≫ Ubuntu Linux Version4.1 Editionia64

Ubuntu ≫ Ubuntu Linux Version4.1 Editionppc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.39%	0.568

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N

http://www.trustix.org/errata/2005/0003/

Patch

Vendor Advisory

http://fedoranews.org/updates/FEDORA--.shtml

http://secunia.com/advisories/55314

http://www.redhat.com/support/errata/RHSA-2005-103.html

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-105.html

Patch

Vendor Advisory

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056

http://marc.info/?l=bugtraq&m=110737149402683&w=2

http://marc.info/?l=full-disclosure&m=110779721503111&w=2

http://secunia.com/advisories/14120

http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt

http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml

Vendor Advisory

Exploit

http://www.mandriva.com/security/advisories?name=MDKSA-2005:031

http://www.securityfocus.com/bid/12426

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19208

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803

https://nvd.nist.gov/vuln/detail/CVE-2005-0156

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0156

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0156

EUVD