Race Condition Vulnerability in File::Path Module by Perl
CVE-2004-0452

Currently unrated

Key Information:

Vendor: Larry Wall
Status: Perl
Vendor: CVE Published:; 21 December 2004

What is CVE-2004-0452?

A race condition exists in the rmtree function of the File::Path module in specific versions of Perl. This vulnerability can grant local users the ability to configure file and directory permissions insecurely. Exploiting this flaw through symlink attacks may enable unauthorized deletion of files or directories, as well as potential access to sensitive information. It is crucial for users and administrators to review their Perl installations and apply necessary patches to mitigate this risk.

References

http://www.redhat.com/support/errata/RHSA-2005-105.html

vendor-advisoryx_refsource_REDHAT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.redhat.com/support/errata/RHSA-2005-103.html

vendor-advisoryx_refsource_REDHAT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 21, 2004
Vulnerability Reserved
May 6, 2004

Larry Wall

What is CVE-2004-0452?

References

Timeline