SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#722414

Perl vulnerable to buffer overflow in win32_stat()

Overview

A flaw in a standard function in some Perl distributions could allow an attacker to execute arbitrary code on the vulnerable system.

I. Description

The stat() Perl function, similar to the standard C stat() function, returns a list giving the status info for a file. Since the stat() function is UNIX-centric, some Perl distributions supply a function named win32_stat() that provides a wrapper around the stat() function for systems running Perl on Windows operating systems. A buffer overflow flaw in the way win32_stat() handles long filenames could allow an attacker to execute code on a system running an application that used the function.

Note that because this flaw exists in the Perl system itself, a vulnerability is only exposed through a Perl application that invokes win32_stat() (either explicitly or implicitly) on a filename supplied by the user. Since the flawed code does not get complied into Perl builds for UNIX systems, only systems running Perl on Windows are affected.

II. Impact

An attacker may be able to execute arbitrary code in the context of an application that uses the vulnerable function. The scope of the impact depends on how the affected application works. Applications that process filename input from the network, such as some web applications, would be vulnerable to a remote attacker. Applications that only process filename input from a local user would only be vulnerable to a local attacker.

III. Solution

Apply a patch


Patches have been developed to address this issue. For more information, see:


Note that these patches require the user to recompile the Perl interpreter for their system after application.

Systems Affected
No Information Available

References


http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities

Credit

Thanks to Greg MacManus of iDEFENSE Labs for reporting this vulnerability.

This document was written by Chad R Dougherty based primarily on information provided by iDEFENSE.

Other Information

Date Public:2004-05-05
Date First Published:2004-06-09
Date Last Updated:2004-07-16
CERT Advisory: 
CVE-ID(s):CAN-2004-0377
NVD-ID(s):CAN-2004-0377
US-CERT Technical Alerts: 
Metric:13.50
Document Revision:20

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2004 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader