Vulnerability CVE-2011-1487

Vulnerability Name:

CVE-2011-1487 (CCN-66528)

Assigned:

2011-03-30

Published:

2011-03-30

Updated:

2017-08-17

Summary:

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

2.6 Low (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
1.9 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-264

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2011-1487

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-4610

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-4631

Source: SUSE
Type: UNKNOWN
SUSE-SR:2011:009

Source: MLIST
Type: Exploit, Patch
[oss-security] 20110401 CVE Request -- perl -- lc(), uc() routines are laundering tainted data

Source: MLIST
Type: Exploit, Patch
[oss-security] 20110404 Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted data

Source: CONFIRM
Type: Patch
http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99

Source: CCN
Type: RHSA-2011-0558
Moderate: perl security and bug fix update

Source: CCN
Type: perlbug #87336
Function lc() is laundering tainted data in newer perls, contrary to docs

Source: CONFIRM
Type: Exploit
http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336

Source: CCN
Type: SA43921
Perl uc(), lc(), lcfirst(), and ucfirst() Taint Mode Bypass Weakness

Source: SECUNIA
Type: Vendor Advisory
43921

Source: SECUNIA
Type: UNKNOWN
44168

Source: DEBIAN
Type: UNKNOWN
DSA-2265

Source: DEBIAN
Type: DSA-2265
perl -- lack of tainted flag propagation

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:091

Source: CCN
Type: OSVDB ID: 75047
Perl Multiple Function Taint Protection Mechanism Bypass

Source: BID
Type: Exploit
47124

Source: CCN
Type: BID-47124
Perl 'lc()' and 'uc()' Functions TAINT Mode Protection Security Bypass Weakness

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=692844

Source: CONFIRM
Type: Exploit, Patch
https://bugzilla.redhat.com/show_bug.cgi?id=692898

Source: XF
Type: UNKNOWN
perl-laundering-security-bypass(66528)

Source: XF
Type: UNKNOWN
perl-laundering-security-bypass(66528)

Source: SUSE
Type: SUSE-SR:2011:009
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:perl:perl:5.10.0:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.10.0:rc1:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.10.0:rc2:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.10.1:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.10.1:rc1:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.10.1:rc2:*:*:*:*:*:*

Configuration 2:

cpe:/a:perl:perl:5.13.0:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.1:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.2:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.3:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.4:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.5:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.6:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.7:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.8:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.9:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.10:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.13.11:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:perl:perl:5.11.0:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.11.1:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.11.2:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.11.3:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.11.4:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.11.5:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:perl:perl:5.12.0:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.0:rc0:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.0:rc1:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.0:rc2:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.0:rc3:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.0:rc4:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.0:rc5:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.1:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.1:rc1:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.1:rc2:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.2:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.2:rc1:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.3:*:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.3:rc1:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.3:rc2:*:*:*:*:*:*

OR cpe:/a:perl:perl:5.12.3:rc3:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:larry_wall:perl:5:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:42420	P	Security update for logrotate (Important)	2022-07-25
oval:org.opensuse.security:def:20111487	V	CVE-2011-1487	2022-05-20
oval:org.opensuse.security:def:42211	P	Security update for openssh (Important)	2022-03-10
oval:org.opensuse.security:def:32233	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:26162	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:31697	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:26156	P	Security update for open-lldp (Moderate)	2021-10-26
oval:org.opensuse.security:def:31283	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:26139	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:31272	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:32194	P	Security update for xen (Important)	2021-09-23
oval:org.opensuse.security:def:31271	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:26130	P	Security update for ghostscript (Critical)	2021-09-21
oval:org.opensuse.security:def:32185	P	Security update for ghostscript (Critical)	2021-09-21
oval:org.opensuse.security:def:32976	P	Security update for cpio (Important)	2021-08-14
oval:org.opensuse.security:def:26099	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:26098	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:32145	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:26086	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:26072	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:31638	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:32937	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:36265	P	perl-32bit-5.10.0-64.72.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42672	P	perl-32bit-5.10.0-64.72.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36537	P	perl-base-32bit-5.10.0-64.72.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32091	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:32089	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:26033	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:31743	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:31732	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:31731	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:26192	P	Security update for php72 (Important)	2021-02-17
oval:org.opensuse.security:def:32255	P	Security update for the Linux Kernel (Important)	2021-02-12
oval:org.opensuse.security:def:31725	P	Security update for openvswitch (Important)	2021-02-12
oval:org.opensuse.security:def:26087	P	Security update for sudo (Important)	2021-01-26
oval:org.opensuse.security:def:31357	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:32098	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:25984	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:31565	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:35804	P	perl-32bit-5.10.0-64.55.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36013	P	perl-32bit-5.10.0-64.67.52 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25574	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31846	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:26532	P	cron on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25563	P	Security update for xrdp (Important)	2020-12-01
oval:org.opensuse.security:def:31789	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:26493	P	Security update for phpMyAdmin (Important)	2020-12-01
oval:org.opensuse.security:def:26803	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25562	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26444	P	Security update for mumble (Moderate)	2020-12-01
oval:org.opensuse.security:def:26768	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26391	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:31491	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:26240	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:32485	P	PolicyKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31480	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32446	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:32768	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31479	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32397	P	Security update for unzip (Moderate)	2020-12-01
oval:org.opensuse.security:def:32729	P	librpcsecgss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26018	P	Security update for freerdp (Important)	2020-12-01
oval:org.opensuse.security:def:32341	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25890	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32047	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:25826	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26804	P	perl-HTML-Parser on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25815	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32041	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:26765	P	librsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27011	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25814	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31949	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:26716	P	gvim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26976	P	libtspi1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31817	P	Security update for atftp (Important)	2020-12-01
oval:org.opensuse.security:def:26663	P	PolicyKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26338	P	Security update for Chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:26512	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:26294	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:26428	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:26371	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26290	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32299	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:25931	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:25780	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32025	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:25696	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:31986	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27263	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25639	P	Security update for libqt5-qtimageformats (Moderate)	2020-12-01
oval:org.opensuse.security:def:31937	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:27228	P	libxcrypt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25558	P	Security update for systemd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31881	P	Security update for dnsmasq (Important)	2020-12-01
oval:org.opensuse.security:def:26590	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25430	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26546	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25366	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:26280	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:33228	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25355	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31581	P	Security update for tar (Moderate)	2020-12-01
oval:org.opensuse.security:def:26241	P	Security update for evolution (Moderate)	2020-12-01
oval:org.opensuse.security:def:33189	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25354	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:31489	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32551	P	libexiv2-4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32507	P	evolution-data-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25988	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:25904	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27535	P	perl-base-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25847	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:27500	P	libwebkit-1_0-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25766	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26862	P	apache2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25638	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31933	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:26818	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:13932	P	USN-1129-1 -- perl vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13047	P	DSA-2265-1 perl -- lack of tainted flag propagation	2014-06-23
oval:org.mitre.oval:def:23460	P	ELSA-2011:0558: perl security and bug fix update (Moderate)	2014-05-26
oval:org.mitre.oval:def:21868	P	RHSA-2011:0558: perl security and bug fix update (Moderate)	2014-02-24
oval:com.redhat.rhsa:def:20110558	P	RHSA-2011:0558: perl security and bug fix update (Moderate)	2011-05-19

BACK