Vulnerability CVE-2002-1323 - CERT Civis.Net

Vulnerability Name:

CVE-2002-1323 (CCN-10574)

Assigned:

2002-11-05

Published:

2002-11-05

Updated:

2018-10-30

Summary:

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

CVSS v3 Severity:

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: CALDERA
Type: UNKNOWN
CSSA-2004-007.0

Source: SCO
Type: UNKNOWN
SCOSA-2004.1

Source: CCN
Type: SGI Security Advisory 20030606-01-A
Perl "Safe.pm" vulnerability

Source: SGI
Type: UNKNOWN
20030606-01-A

Source: CCN
Type: SGI Security Advisory 20031002-01-U
SGI Advanced Linux Environment security update #3

Source: CCN
Type: VulnWatch Mailing List, Tue Nov 05 2002 - 23:59:18 CST
Perl Safe.pm compartment reuse vuln

Source: VULNWATCH
Type: UNKNOWN
20021105 Perl Safe.pm compartment reuse vuln

Source: CONFIRM
Type: UNKNOWN
http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744

Source: MITRE
Type: CNA
CVE-2002-1323

Source: CCN
Type: SCO Security Advisory CSSA-2004-007.0
OpenLinux: Perl Safe.pm unsafe access

Source: BUGTRAQ
Type: UNKNOWN
20021216 [OpenPKG-SA-2002.014] OpenPKG Security Advisory (perl)

Source: BUGTRAQ
Type: UNKNOWN
20021219 TSLSA-2002-0087 - perl

Source: BUGTRAQ
Type: UNKNOWN
20021220 GLSA: perl

Source: CCN
Type: RHSA-2003-256
Updated Perl packages fix security issues.

Source: CCN
Type: RHSA-2003-257
perl security update

Source: CCN
Type: CPAN Web site
search.cpan.org: Safe - Compile and execute code in restricted compartments

Source: CONFIRM
Type: Patch
http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5

Source: CCN
Type: CIAC Information Bulletin N-155
Red Hat Updated Perl packages fix security issues

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-208

Source: DEBIAN
Type: DSA-208
perl -- broken safe compartment

Source: XF
Type: Vendor Advisory
safe-pm-bypass-restrictions(10574)

Source: CCN
Type: Gentoo Linux Security Announcement 200212-6
perl -- broken safe compartment

Source: CCN
Type: SCO Security Advisory SCOSA-2004.1
UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : perl unsafe Safe compartment

Source: CCN
Type: OpenPKG-SA-2002.014
Perl Safe.pm

Source: OSVDB
Type: UNKNOWN
2183

Source: OSVDB
Type: UNKNOWN
3814

Source: CCN
Type: OSVDB ID: 2183
Perl Safe.pm Access Bypass

Source: CCN
Type: OSVDB ID: 3814
Multiple Unix Vendor passwd Malformed ulimit /etc/passwd Manipulation

Source: REDHAT
Type: UNKNOWN
RHSA-2003:256

Source: REDHAT
Type: UNKNOWN
RHSA-2003:257

Source: BID
Type: Patch, Vendor Advisory
6111

Source: CCN
Type: BID-6111
Safe.PM Unsafe Code Execution Vulnerability

Source: CCN
Type: Trustix Secure Linux Security Advisory #2002-0087
perl -- Safe compartments not being safe

Source: XF
Type: UNKNOWN
safe-pm-bypass-restrictions(10574)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1160

Vulnerable Configuration:

Configuration 1:

cpe:/a:safe.pm:safe.pm:2.0_6:*:*:*:*:*:*:*

OR cpe:/a:safe.pm:safe.pm:2.0_7:*:*:*:*:*:*:*

OR cpe:/a:sun:linux:5.0.7:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.1:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.2:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.3:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.4:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.5:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.6:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.7:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.8:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.9:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.10:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.11:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.12:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.13:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.14:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.15:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.16:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.17:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.17f:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.17m:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.18:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.18f:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.18m:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.19:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.19f:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.19m:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.20f:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.20m:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.21f:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.21m:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.22:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:*:*:*:*:*:*

OR cpe:/o:sco:open_unix:8.0:*:*:*:*:*:*:*

OR cpe:/o:sco:unixware:7.1.2:*:*:*:*:*:*:*

OR cpe:/o:sco:unixware:7.1.3:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:8.0:*:x86:*:*:*:*:*

OR cpe:/o:sun:solaris:9.0:*:sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:9.0:*:x86:*:*:*:*:*

OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.01:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*

OR cpe:/a:openpkg:openpkg:1.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*

OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*

OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*

OR cpe:/a:openpkg:openpkg:1.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*

OR cpe:/o:sgi:irix:2.3.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:1160	V	Safe.PM Unsafe Code Execution Vulnerability	2008-07-07
oval:org.debian:def:208	V	broken safe compartment	2002-12-12