Race Condition Vulnerability in Perl's File::Path Affects Multiple Systems
CVE-2008-5303

Currently unrated

Key Information:

Vendor: Perl
Status: File\
Vendor: CVE Published:; 1 December 2008

What is CVE-2008-5303?

A race condition vulnerability exists in the rmtree function within the File::Path module of Perl, specifically version 1.08. This flaw allows local users to exploit symlink attacks to delete arbitrary files, posing a significant risk to the integrity of the filesystem. The vulnerability is primarily attributed to a regression error connected to earlier vulnerabilities and requires careful handling in user environments to mitigate potential threats.

References

http://secunia.com/advisories/32980

third-party-advisoryx_refsource_SECUNIA

http://wiki.rpath.com/Advisories:rPSA-2009-0011

x_refsource_CONFIRM

http://www.debian.org/security/2008/dsa-1678

vendor-advisoryx_refsource_DEBIAN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2008
Vulnerability Reserved
Dec 1, 2008