CVE-2005-3962, Re: Perl Format String Vulnerability

Michael Mansour mic at npgx.com.au
Fri Dec 23 23:07:24 UTC 2005


> > Does this affect us?
> > 
> > (1) HIGH: Perl Format String Vulnerability
> > Affected:
> > Perl versions 5.9.2 and 5.8.6 confirmed; potentially all Perl versions
> > Webmin version 1.23 and prior
> > 
> > Description: Perl is widely used as a scripting language for a variety
> > of applications including web-based software. Perl contains a
> > vulnerability that can be triggered by passing a format specifier of the
> > form "%INT_MAXn". The vulnerability causes an integer variable in a Perl
> > function to wrap around (change its parity) that can be exploited to
> > execute arbitrary code. For instance, "%2147483647n" format specifier
> > will trigger the flaw in Perl running on 32-bit Operating Systems. Note
> > that the flaw can be exploited only via Perl-based applications that
> > contain a format string vulnerability. The discoverers have reportedly
> > found several applications that are vulnerable.
> > <<snip>>
> 
> We are indeed vulnerable to this.  As Pavel Kankovsky pointed out,
> RHL 7.3 is not likely vulnerable.  But RHL 9, FC1 & FC2 appear to be
> vulnerable to this.  This affects webmin as well, but we do not support
> webmin.

If you are running Webmin version 1.240 or older (and have logging via syslog
enabled), then this affects you. Webmin version 1.250 has been out for a while
which fixes this, so just upgrade. http://www.webmin.com

Michael.
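
The advisory quoted above notes that the Perl flaw is reachable only through applications that themselves contain a format string vulnerability, so the practical check is to find calls whose format argument is not a constant. The following is an added example, not part of the original thread and not Webmin or Fedora Legacy code: a small Python auditor for Perl source. The names `call_args`, `audit`, `FORMAT_ARG`, `CALL`, `LITERAL` and the `SAMPLE` Perl lines are constructed for illustration, and the scan assumes parenthesised, single-line calls without a filehandle.

```python
import re

# Index of the format argument per Perl call (syslog = Sys::Syslog's
# syslog(PRIORITY, FORMAT, ...)); LITERAL is a quoted string with no bare $/@.
FORMAT_ARG = {"sprintf": 0, "printf": 0, "syslog": 1}
CALL = re.compile(r"\b(sprintf|printf|syslog)\s*\(")
LITERAL = re.compile(r"'(?:[^'\\]|\\.)*'" r'|"(?:[^"\\$@]|\\.)*"')

def call_args(text, i):
    """Split the argument list starting at text[i] on top-level commas."""
    args, cur, depth, quote = [], "", 0, None
    while i < len(text):
        ch = text[i]
        if quote and ch == "\\":      # keep an escaped character as-is
            cur, i = cur + text[i:i + 2], i + 2
            continue
        if quote:
            quote = None if ch == quote else quote
        elif ch in "'\"":
            quote = ch
        elif ch in "([{":
            depth += 1
        elif ch in ")]}" and depth == 0:
            break                     # closing paren of the call itself
        elif ch in ")]}":
            depth -= 1
        elif ch == "," and depth == 0:
            args.append(cur.strip())
            cur, ch = "", ""
        cur += ch
        i += 1
    return args + [cur.strip()]

def audit(perl_source):
    """Return (line, function, format argument) for each non-literal format."""
    findings = []
    for lineno, line in enumerate(perl_source.splitlines(), 1):
        for m in CALL.finditer(line):
            args = call_args(line, m.end())
            pos = FORMAT_ARG[m.group(1)]
            if pos < len(args) and not LITERAL.fullmatch(args[pos]):
                findings.append((lineno, m.group(1), args[pos]))
    return findings

# Constructed Perl lines for illustration; lines 1 and 3 are reported.
SAMPLE = r'''syslog('info', $msg);
syslog('info', '%s', $msg);
my $line = sprintf("login failed for $user");
'''
```

Each finding is a call to rewrite so that the data travels as an argument to a constant format, as in the second sample line.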




More information about the fedora-legacy-list mailing list