ID CVE-2008-5302
Summary Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
References
Vulnerable Configurations
  • cpe:2.3:a:perl:perl:5.8.8:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.8:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:file\:\:path:1.08:*:*:*:*:*:*:*
    cpe:2.3:a:perl:file\:\:path:1.08:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:file\:\:path:2.07:*:*:*:*:*:*:*
    cpe:2.3:a:perl:file\:\:path:2.07:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 11-10-2018 - 20:54)
Impact:
Exploitability:
CWE CWE-362
CAPEC
  • Leveraging Race Conditions
    The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with his version and cause the system to read the malicious file.
  • Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
    This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2013-04-29T04:11:18.738-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
    family unix
    id oval:org.mitre.oval:def:11076
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
    version 18
  • accepted 2014-01-20T04:01:30.072-05:00
    class vulnerability
    contributors
    • name Varun
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    comment VMware ESX Server 4.0 is installed
    oval oval:org.mitre.oval:def:6293
    description Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
    family unix
    id oval:org.mitre.oval:def:6890
    status accepted
    submitted 2010-10-01T16:37:39.000-05:00
    title VMware ESX,Service Console update for perl.
    version 7
redhat via4
advisories
rhsa
id RHSA-2010:0458
rpms
  • perl-4:5.8.8-32.el5_5.1
  • perl-debuginfo-4:5.8.8-32.el5_5.1
  • perl-suidperl-4:5.8.8-32.el5_5.1
refmap via4
apple APPLE-SA-2010-03-29-1
bugtraq 20090120 rPSA-2009-0011-1 perl
confirm
debian DSA-1678
mandriva MDVSA-2010:116
misc http://www.gossamer-threads.com/lists/perl/porters/233695#233695
mlist [oss-security] 20081128 Re: [oss-security] CVE Request - cups, dovecot-managesieve, perl, wireshark
secunia
  • 32980
  • 33314
  • 40052
suse SUSE-SR:2009:004
ubuntu
  • USN-700-1
  • USN-700-2
xf perl-filepath-symlink(47043)
statements via4
contributor Tomas Hoger
lastmodified 2010-06-07
organization Red Hat
statement This issue has been addressed in perl packages as shipped in Red Hat Enterprise Linux 3 and 4 via https://rhn.redhat.com/errata/RHSA-2010-0457.html and Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2010-0458.html.
Last major update 11-10-2018 - 20:54
Published 01-12-2008 - 17:30
Last modified 11-10-2018 - 20:54
Back to Top