Untrusted Search Path Vulnerability in Perl on Gentoo Linux
CVE-2005-4278

Currently unrated

Key Information:

Vendor: Larry Wall
Status: Perl
Vendor: CVE Published:; 16 December 2005

What is CVE-2005-4278?

An untrusted search path vulnerability exists in Perl on Gentoo Linux before version 5.8.7-r1. This flaw enables local users within the portage group to exploit the system through a malicious shared object located in the Portage temporary build directory, as part of the RUNPATH. This vulnerability could potentially lead to privilege escalation, allowing unauthorized access to system resources.

References

http://www.vupen.com/english/advisories/2005/2119

vdb-entryx_refsource_VUPEN

http://www.gentoo.org/security/en/glsa/glsa-200510-14.xml

vendor-advisoryx_refsource_GENTOO

http://secunia.com/advisories/55314

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2005
Vulnerability Reserved
Dec 16, 2005

Larry Wall

What is CVE-2005-4278?

References

Timeline