CVE-2004-0452
Published 2004-12-21
Priority: P4 · 10 · low · 2.6 · CVSS 2.0
Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P
EPSS: 0.41% (32.4th percentile)
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | perl | < perl 5.10.0-18 (bookworm) | perl 5.10.0-18 (bookworm) |
| debian | perl | < perl 5.8.4-7 (bookworm) | perl 5.8.4-7 (bookworm) |
| debian | perl | < perl 5.10.0-11 (bookworm) | perl 5.10.0-11 (bookworm) |
| debian | perl | < perl 5.8.4-5 (bookworm) | perl 5.8.4-5 (bookworm) |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| perl | file | — | — |
| perl | perl | — | — |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.8.4-7 | 5.8.4-7 |
| perl | perl | >= 0 < 5.8.4-5 | 5.8.4-5 |
| perl | perl | >= 0 < 5.10.0-11 | 5.10.0-11 |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.8.4-7 | 5.8.4-7 |
| perl | perl | >= 0 < 5.8.4-5 | 5.8.4-5 |
| perl | perl | >= 0 < 5.10.0-11 | 5.10.0-11 |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.8.4-7 | 5.8.4-7 |
| perl | perl | >= 0 < 5.8.4-5 | 5.8.4-5 |
| perl | perl | >= 0 < 5.10.0-11 | 5.10.0-11 |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.8.4-7 | 5.8.4-7 |
CVSS provenance
nvd · v2.0 · 2.6 LOW · AV:L/AC:H/Au:N/C:N/I:P/A:P
osv · 2.6 LOW
vendor_debian · 2.6 LOW
vendor_redhat · 2.6 LOW
Red Hat
perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
vendor_redhat·2008-11-19·CVSS 2.6
CVE-2008-5302 [LOW] perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Red Hat
perl: File::Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
vendor_redhat·2008-11-19·CVSS 2.6
CVE-2008-5303 [LOW] perl: File::Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Red Hat
perl: insecure use of chmod in rmtree
vendor_redhat·2008-06-20·CVSS 2.6
CVE-2008-2827 [LOW] perl: insecure use of chmod in rmtree
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Statement: Not vulnerable. This issue did not affect the versions of perl as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, Red Hat Application Stack 1, or Solaris versions of Red Hat Directory Server 7.1 and 8, Certificate System 7.x.
Debian
CVE-2008-5303: perl - Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in P...
vendor_debian·2008·CVSS 2.6
CVE-2008-5303 [LOW] CVE-2008-5303: perl - Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in P...
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Scope: local
bookworm: resolved (fixed in 5.10.0-18)
bullseye: resolved (fixed in 5.10.0-18)
forky: resolved (fixed in 5.10.0-18)
sid: resolved (fixed in 5.10.0-18)
trixie: resolved (fixed in 5.10.0-18)
Debian
CVE-2008-2827: perl - The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check per...
vendor_debian·2008·CVSS 2.6
CVE-2008-2827 [LOW] CVE-2008-2827: perl - The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check per...
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Scope: local
bookworm: resolved (fixed in 5.10.0-11)
bullseye: resolved (fixed in 5.10.0-11)
forky: resolved (fixed in 5.10.0-11)
sid: resolved (fixed in 5.10.0-11)
trixie: resolved (fixed in 5.10.0-11)
Debian
CVE-2008-5302: perl - Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path...
vendor_debian·2008·CVSS 2.6
CVE-2008-5302 [LOW] CVE-2008-5302: perl - Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path...
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Scope: local
bookworm: resolved (fixed in 5.10.0-18)
bullseye: resolved (fixed in 5.10.0-18)
forky: resolved (fixed in 5.10.0-18)
sid: resolved (fixed in 5.10.0-18)
trixie: resolved (fixed in 5.10.0-18)
Red Hat
security flaw
vendor_redhat·2005-03-09·CVSS 2.6
CVE-2005-0448 [LOW] security flaw
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
Debian
CVE-2005-0448: perl - Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allo...
vendor_debian·2005·CVSS 2.6
CVE-2005-0448 [LOW] CVE-2005-0448: perl - Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allo...
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
Scope: local
bookworm: resolved (fixed in 5.8.4-7)
bullseye: resolved (fixed in 5.8.4-7)
forky: resolved (fixed in 5.8.4-7)
sid: resolved (fixed in 5.8.4-7)
trixie: resolved (fixed in 5.8.4-7)
Red Hat
security flaw
vendor_redhat·2004-12-23·CVSS 2.6
CVE-2004-0452 [LOW] security flaw
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
Ubuntu
perl information leak
vendor_ubuntu·2004-12-21
CVE-2004-0452 perl information leak
Title: perl information leak
Summary: perl information leak
A race condition and possible information leak has been discovered in
Perl's File::Path::rmtree(). This function changes the permission of
files and directories before removing them to avoid problems with
wrong permissions. However, they were made readable and writable not
only for the owner, but for the entire world, which opened a race
condition and a possible information leak (if the actual removal of a
file/directory failed for some reason).
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2004-0452: perl - Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and...
vendor_debian·2004·CVSS 2.6
CVE-2004-0452 [LOW] CVE-2004-0452: perl - Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and...
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
Scope: local
bookworm: resolved (fixed in 5.8.4-5)
bullseye: resolved (fixed in 5.8.4-5)
forky: resolved (fixed in 5.8.4-5)
sid: resolved (fixed in 5.8.4-5)
trixie: resolved (fixed in 5.8.4-5)
GHSA
GHSA-4m3f-gxf5-6jm9: Race condition in the rmtree function in File::Path 1
ghsa_unreviewed·2022-05-14·CVSS 2.6
CVE-2008-5303 [LOW] CWE-362 GHSA-4m3f-gxf5-6jm9: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
GHSA
GHSA-8vc4-5x78-9hxf: Race condition in the rmtree function in File::Path 1
ghsa_unreviewed·2022-05-14·CVSS 2.6
CVE-2008-5302 [LOW] CWE-362 GHSA-8vc4-5x78-9hxf: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
GHSA
GHSA-2jcf-pv2j-gqvq: Race condition in the rmtree function in File::Path
ghsa_unreviewed·2022-05-03·CVSS 2.6
CVE-2005-0448 [LOW] GHSA-2jcf-pv2j-gqvq: Race condition in the rmtree function in File::Path
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
GHSA
GHSA-27g6-7ffq-cf4w: Race condition in the rmtree function in the File::Path module in Perl 5
ghsa_unreviewed·2022-05-03
CVE-2004-0452 [LOW] GHSA-27g6-7ffq-cf4w: Race condition in the rmtree function in the File::Path module in Perl 5
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
GHSA
GHSA-h567-wg66-2v4f: The rmtree function in lib/File/Path
ghsa_unreviewed·2022-05-01·CVSS 2.6
CVE-2008-2827 [LOW] GHSA-h567-wg66-2v4f: The rmtree function in lib/File/Path
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
OSV
CVE-2008-5302: Race condition in the rmtree function in File::Path 1
osv·2008-12-01·CVSS 2.6
CVE-2008-5302 [LOW] CVE-2008-5302: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
OSV
CVE-2008-5303: Race condition in the rmtree function in File::Path 1
osv·2008-12-01·CVSS 2.6
CVE-2008-5303 [LOW] CVE-2008-5303: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
OSV
CVE-2008-2827: The rmtree function in lib/File/Path
osv·2008-06-23·CVSS 2.6
CVE-2008-2827 [LOW] CVE-2008-2827: The rmtree function in lib/File/Path
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
OSV
CVE-2005-0448: Race condition in the rmtree function in File::Path
osv·2005-05-02·CVSS 2.6
CVE-2005-0448 [LOW] CVE-2005-0448: Race condition in the rmtree function in File::Path
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
OSV
CVE-2004-0452: Race condition in the rmtree function in the File::Path module in Perl 5
osv·2004-12-21·CVSS 2.6
CVE-2004-0452 [LOW] CVE-2004-0452: Race condition in the rmtree function in the File::Path module in Perl 5
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-0448 security flaw
bugzilla·2018-08-16·CVSS 2.6
CVE-2005-0448 [LOW] CVE-2005-0448 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
Bugzilla
CVE-2004-0452 security flaw
bugzilla·2018-08-16·CVSS 2.6
CVE-2004-0452 [LOW] CVE-2004-0452 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
Bugzilla
CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
bugzilla·2008-11-28·CVSS 2.6
CVE-2008-5302 [LOW] CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
Created attachment 325021
Ours perl-5.8.0-CAN-2005-0448-rmtree.patch applied against perl_5.8.0-90.4
Common Vulnerabilities and Exposures originally assigned an identifier CVE-2005-0448 to the following vulnerability:
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being
deleted, a different vulnerability than CVE-2004-0452.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
It was discovered that after upstream perl rebase to 5.8.8-1, this issue
was reintroduced (seems upstream didn't apply fix for CVE-2005-0448).
This issue already fixed again in perl-5.1
Bugzilla
CVE-2008-2827 perl: insecure use of chmod in rmtree
bugzilla·2008-06-24·CVSS 2.6
CVE-2008-2827 [LOW] CVE-2008-2827 perl: insecure use of chmod in rmtree
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-2827 to the following vulnerability:
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly
check permissions before performing a chmod, which allows local users
to modify the permissions of arbitrary files via a symlink attack, a
different vulnerability than CVE-2005-0448 and CVE-2004-0452.
References:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319
http://rt.cpan.org/Public/Bug/Display.html?id=36982
Discussion:
Created attachment 310113
Test case extracted from CPAN bug report
---
This issue did not affect the versions of perl as shipped with Red Hat
Enterprise Linux 2.1, 3, 4, or 5, Red Hat Application Stack 1 and Fedora 8.
---
Propose
Bugzilla
CVE-2005-0448 perl File::Path.pm rmtree race condition
bugzilla·2005-06-20·CVSS 1.2
CVE-2005-0448 [LOW] CVE-2005-0448 perl File::Path.pm rmtree race condition
+++ This bug was initially created as a clone of Bug #157694 +++
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4
allows local users to create arbitrary setuid binaries in the tree being
deleted, a different vulnerability than CAN-2004-0452.
http://marc.theaimsgroup.com/?l=bugtraq&m=111039131424834&w=2
Discussion:
fixed with perl-5.6.1-38.EL2_1
---
assigning to [email protected]
---
We've not shipped perl-5.6.1-38.EL2_1 therefore leaving open until we do.
---
EL2.1 reached end of life.
Bugzilla
CVE-2004-0452 File::Path::rmtree() issue
bugzilla·2004-11-23·CVSS 2.6
CVE-2004-0452 [LOW] CVE-2004-0452 File::Path::rmtree() issue
Debian reported to vendor-sec earlier in the year a possible issue in
File::Path::rmtree. "It seems that in the process of recursing the
tree, File::Path::rmtree uses chmod to set various things to be world
writable. This would seem to open the usual race conditions in
situations where they would not otherwise exist, due to the directories
involved having sane permissions."
Possibly not public; checking with Debian.
Discussion:
Created attachment 107309
patch proposed from Chip
---
This bug has been fixed since RHEL-3-U5 with perl-5.8.0-89.10, in the
RHEL-3-embargo CVS branch. Chip's patches for this have now been applied
to the HEAD CVS branch, and this issue is also fixed in perl-5.8.0-90.2 .
---
Verified, fixed by http://rhn.redhat.com/er
References
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
http://fedoranews.org/updates/FEDORA--.shtml
http://marc.info/?l=bugtraq&m=110547693019788&w=2
http://secunia.com/advisories/12991
http://secunia.com/advisories/18517
http://secunia.com/advisories/55314
http://www.debian.org/security/2004/dsa-620
http://www.gentoo.org/security/en/glsa/glsa-200501-38.xml
http://www.redhat.com/support/errata/RHSA-2005-103.html
http://www.redhat.com/support/errata/RHSA-2005-105.html
http://www.securityfocus.com/bid/12072
https://exchange.xforce.ibmcloud.com/vulnerabilities/18650
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9938
https://www.ubuntu.com/usn/usn-44-1/