Computer Security
[EN] securityvulns.ru no-pyccku


perl Module::Signature privilege escalation
Published:08.07.2013
Source:
SecurityVulns ID:13151
Type:library
Threat Level:
5/10
Description:Relative path is used to execute external application.
Affected:PERL : Module::Signature 0.68
CVE:CVE-2013-2145 (The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.)
Original documentdocumentUBUNTU, [USN-1896-1] Module::Signature perl module vulnerability (08.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod