Vulnerability Name: CVE-2008-2827 (CCN-43308)

Assigned: 2008-06-20
Published: 2008-06-20
Updated: 2017-08-08
Summary: The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
CVSS v3 Severity: 5.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
4.0 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
3.3 Low (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P)
2.9 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-264
Vulnerability Consequences: File Manipulation
References:
Source: CCN
Type: Debian Bug report logs - #487319
perl-modules: File::Path::rmtree sets symlink target permissions to 0777

Source: CONFIRM
Type: Exploit
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319

Source: MITRE
Type: CNA
CVE-2008-2827

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:017

Source: CCN
Type: perldoc Web site
File::Path

Source: CCN
Type: CPAN Bug #36982
#36982: rmtree() makes symlink targets world-writable

Source: MISC
Type: Exploit
http://rt.cpan.org/Public/Bug/Display.html?id=36982

Source: CCN
Type: SA30790
Perl "File::Path::rmtree" Insecure chmod on Symbolic Links

Source: SECUNIA
Type: UNKNOWN
30790

Source: SECUNIA
Type: UNKNOWN
30837

Source: SECUNIA
Type: UNKNOWN
31687

Source: CCN
Type: SECTRACK ID: 1020373
Perl rmtree() Function Lets Local Users Gain Elevated Privileges

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:165

Source: BID
Type: UNKNOWN
29902

Source: CCN
Type: BID-29902
Perl 'rmtree()' Function Local Insecure Permissions Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020373

Source: XF
Type: UNKNOWN
perl-filepath-rmtree-symlink(43308)

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-5739

Source: SUSE
Type: SUSE-SR:2008:017
SUSE Security Summary Report

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:perl:perl:5.10:*:*:*:*:*:*:*

* Denotes that component is vulnerable

OVAL Definitions

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.opensuse.security:def:20082827 | V | CVE-2008-2827 | 2015-11-16 |
    perl perl 5.10