CVE-2003-0900 — Wall Perl vulnerability

7 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 35.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
PerlLarry Wall Perl
Timeline
PublishedDec 31
Latest updateApr 29

Description

Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

â–¶Debianperl/perl< 5.8.2+3
â–¶NVDlarry_wall/perl5.8.1

🔴Vulnerability Details

3
GHSA
GHSA-x75m-p75h-4759: Perl 5↗2022-04-29
â–¶
CVEList
CVE-2003-0900: Perl 5↗2005-04-14
â–¶
OSV
CVE-2003-0900: Perl 5↗2003-12-31
â–¶

📋Vendor Advisories

3
Red Hat
ruby: Properly initialize the random number generator when forking new process↗2011-07-02
â–¶
Red Hat
ruby: Properly initialize the random number generator when forking new process↗2011-07-02
â–¶
Debian
CVE-2003-0900: perl - Perl 5.8.1 on Fedora Core does not properly initialize the random number generat...↗2003
â–¶
CVE-2003-0900 — Larry Wall Perl vulnerability | cvebase