CVE-2011-4114

Severity

32%

Complexity

34%

Confidentiality

81%

The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE: a similar vulnerability was reported for PAR, but this has been assigned a different CVE identifier.

The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE: a similar vulnerability was reported for PAR, but this has been assigned a different CVE identifier.

CVSS 2.0 Base Score 3.3. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P).

Overview

Type

Roderich Schupp PAR::Packer (Par-Packer) module

First reported 13 years ago

2012-01-13 18:55:00

Last updated 13 years ago

2012-02-08 05:00:00

Affected Software

Roderich Schupp PAR::Packer (Par-Packer) module 0.63

0.63

Roderich Schupp PAR::Packer (Par-Packer) module 0.64

0.64

Roderich Schupp PAR::Packer (Par-Packer) module 0.65

0.65

Roderich Schupp PAR::Packer (Par-Packer) module 0.66

0.66

Roderich Schupp PAR::Packer (Par-Packer) module 0.67

0.67

Roderich Schupp PAR::Packer (Par-Packer) module 0.68

0.68

Roderich Schupp PAR::Packer (Par-Packer) module 0.69

0.69

Roderich Schupp PAR::Packer (Par-Packer) module 0.70

0.70

Roderich Schupp PAR::Packer (Par-Packer) module 0.71

0.71

Roderich Schupp PAR::Packer (Par-Packer) module 0.72

0.72

Roderich Schupp PAR::Packer (Par-Packer) module 0.73

0.73

Roderich Schupp PAR::Packer (Par-Packer) module 0.74

0.74

Roderich Schupp PAR::Packer (Par-Packer) module 0.75

0.75

Roderich Schupp PAR::Packer (Par-Packer) module 0.76

0.76

Roderich Schupp PAR::Packer (Par-Packer) module 0.77

0.77

Roderich Schupp PAR::Packer (Par-Packer) module 0.78

0.78

Roderich Schupp PAR::Packer (Par-Packer) module 0.79

0.79

Roderich Schupp PAR::Packer (Par-Packer) module 0.80

0.80

Roderich Schupp PAR::Packer (Par-Packer) module 0.81

0.81

Roderich Schupp PAR::Packer (Par-Packer) module 0.82

0.82

Roderich Schupp PAR::Packer (Par-Packer) module 0.83

0.83

Roderich Schupp PAR::Packer (Par-Packer) module 0.85

0.85

Roderich Schupp PAR::Packer (Par-Packer) module 0.86

0.86

Roderich Schupp PAR::Packer (Par-Packer) module 0.87

0.87

Roderich Schupp PAR::Packer (Par-Packer) module 0.88

0.88

Roderich Schupp PAR::Packer (Par-Packer) module 0.89

0.89

Roderich Schupp PAR::Packer (Par-Packer) module 0.90

0.90

Roderich Schupp PAR::Packer (Par-Packer) module 0.91

0.91

Roderich Schupp PAR::Packer (Par-Packer) module 0.92

0.92

Roderich Schupp PAR::Packer (Par-Packer) module 0.93

0.93

Roderich Schupp PAR::Packer (Par-Packer) module 0.94

0.94

Roderich Schupp PAR::Packer (Par-Packer) module 0.941

0.941

Roderich Schupp PAR::Packer (Par-Packer) module 0.942

0.942

Roderich Schupp PAR::Packer (Par-Packer) module 0.951

0.951

Roderich Schupp PAR::Packer (Par-Packer) module 0.952

0.952

Roderich Schupp PAR::Packer (Par-Packer) module 0.953

0.953

Roderich Schupp PAR::Packer (Par-Packer) module 0.954

0.954

Roderich Schupp PAR::Packer (Par-Packer) module 0.955

0.955

Roderich Schupp PAR::Packer (Par-Packer) module 0.956

0.956

Roderich Schupp PAR::Packer (Par-Packer) module 0.957

0.957

Roderich Schupp PAR::Packer (Par-Packer) module 0.958

0.958

Roderich Schupp PAR::Packer (Par-Packer) module 0.959

0.959

Roderich Schupp PAR::Packer (Par-Packer) module 0.960

0.960

Roderich Schupp PAR::Packer (Par-Packer) module 0.970

0.970

Roderich Schupp PAR::Packer (Par-Packer) module 0.973

0.973

Roderich Schupp PAR::Packer (Par-Packer) module 0.975

0.975

Roderich Schupp PAR::Packer (Par-Packer) module 0.976

0.976

Roderich Schupp PAR::Packer (Par-Packer) module 0.977

0.977

Roderich Schupp PAR::Packer (Par-Packer) module 0.978

0.978

Roderich Schupp PAR::Packer (Par-Packer) module 0.979

0.979

Roderich Schupp PAR::Packer (Par-Packer) module 0.980

0.980

Roderich Schupp PAR::Packer (Par-Packer) module 0.981

0.981

Roderich Schupp PAR::Packer (Par-Packer) module 0.982

0.982

Roderich Schupp PAR::Packer (Par-Packer) module 0.991

0.991

Roderich Schupp PAR::Packer (Par-Packer) module 0.992_01

0.992_01

Roderich Schupp PAR::Packer (Par-Packer) module 0.992_02

0.992_02

Roderich Schupp PAR::Packer (Par-Packer) module 0.992_03

0.992_03

Roderich Schupp PAR::Packer (Par-Packer) module 0.992_04

0.992_04

Roderich Schupp PAR::Packer (Par-Packer) module 0.992_05

0.992_05

Roderich Schupp PAR::Packer (Par-Packer) module 0.992_06

0.992_06

Roderich Schupp PAR::Packer (Par-Packer) module 1.000

1.000

Roderich Schupp PAR::Packer (Par-Packer) module 1.001

1.001

Roderich Schupp PAR::Packer (Par-Packer) module 1.002

1.002

Roderich Schupp PAR::Packer (Par-Packer) module 1.003

1.003

Roderich Schupp PAR::Packer (Par-Packer) module 1.004

1.004

Roderich Schupp PAR::Packer (Par-Packer) module 1.005

1.005

Roderich Schupp PAR::Packer (Par-Packer) module 1.006

1.006

Roderich Schupp PAR::Packer (Par-Packer) module 1.007

1.007

Roderich Schupp PAR::Packer (Par-Packer) module 1.008

1.008

Roderich Schupp PAR::Packer (Par-Packer) module 1.009

1.009

Roderich Schupp PAR::Packer (Par-Packer) module 1.010

1.010

References

FEDORA-2011-16859

FEDORA-2011-16856

Patch

[oss-security] 20111104 CVE request: unsafe use of /tmp in multiple CPAN modules

[oss-security] 20111104 Re: CVE request: unsafe use of /tmp in multiple CPAN modules

https://bugzilla.redhat.com/show_bug.cgi?id=753955

Patch

https://rt.cpan.org/Public/Bug/Display.html?id=69560

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.