CVE-2004-0976
Published 2005-02-09
Priority P46 · low · CVSS 2.0 score 2.1
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS: 0.43% (34.2th percentile)
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | perl | < perl 5.8.4-4 (bookworm) | perl 5.8.4-4 (bookworm) |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| larry_wall | perl | — | — |
| perl | perl | >= 0 < 5.8.4-4 | 5.8.4-4 |
| perl | perl | >= 0 < 5.8.4-4 | 5.8.4-4 |
| perl | perl | >= 0 < 5.8.4-4 | 5.8.4-4 |
| perl | perl | >= 0 < 5.8.4-4 | 5.8.4-4 |
CVSS provenance
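| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
| osv | | 2.1 | LOW | |
| vendor_debian | | 2.1 | LOW | |
| vendor_redhat | | 2.1 | LOW | |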
Ubuntu
perl vulnerabilities
vendor_ubuntu·2004-11-03
Recently, Trustix Secure Linux discovered some vulnerabilities in the
perl package. The utility "instmodsh", the Perl package "PPPort.pm",
and several test scripts (which are not shipped and only used during
build) created temporary files in an insecure way, which could allow a
symlink attack to create or overwrite arbitrary files with the
privileges of the user invoking the program, or building the perl
package, respectively.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2004-09-30·CVSS 2.1
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.
Statement: Red Hat is aware of this issue and is tracking it via the following bug:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=140058
The Red Hat Security Response Team has rated this issue as having low security impact; a future update may address this flaw. More information regarding issue severity can be found here:
http://www.redhat.com/security/updates/classification/
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Debian
CVE-2004-0976: perl - Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and...
vendor_debian·2004·CVSS 2.1
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.
Scope: local
bookworm: resolved (fixed in 5.8.4-4)
bullseye: resolved (fixed in 5.8.4-4)
forky: resolved (fixed in 5.8.4-4)
sid: resolved (fixed in 5.8.4-4)
trixie: resolved (fixed in 5.8.4-4)
GHSA
GHSA-6qxh-9332-mwqh: Multiple scripts in the perl package in Trustix Secure Linux 1
ghsa_unreviewed·2022-04-29
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.
OSV
CVE-2004-0976: Multiple scripts in the perl package in Trustix Secure Linux 1
osv·2005-02-09·CVSS 2.1
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2004-0976 security flaw
bugzilla·2018-08-16·CVSS 2.1
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.
---
Statement:
Red Hat is aware of this issue and is tracking it via the following bug:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=140058
The Red Hat Security Response Team has rated this issue as having low security impact; a future update may address this flaw. More information regarding issue severity can be found here:
http://www.redhat.com/security/updates/classification/
Red Hat Enterprise Linux 5 is
Bugzilla
CVE-2004-0976 temporary file vulnerabilities in Perl
bugzilla·2005-11-08·CVSS 2.1
This issue affects RHEL-4 also - fixing in perl-5.8.5-17.RHEL4 .
Discussion:
Fixed in perl-5.8.5-17.RHEL4 .
---
assigning to [email protected]
Bugzilla
CVE-2004-0976 temporary file vulnerabilities in Perl
bugzilla·2004-11-19·CVSS 2.1
OWL disclosed a number of fixes for temporary file vulnerabilities in
Perl. Patch is attachment 105443.
Discussion:
Any news on this topic?
---
This issue has been assigned a severity of "low" due to the very limited damage,
along with extreme difficulty in exploiting. We do not plan to fix this issue
by itself, but rather wait for another more serious issue and include this fix
at that time.
If you feel our severity rating is too low, please let me know.
---
fixed with perl-5.6.1-38.EL2_1
---
assigning to [email protected]
Bugzilla
CAN-2004-0452, CAN-2004-0976, CAN-2005-0155, CAN-2005-0156, CAN-2005-0448 multiple perl vulns
bugzilla·2004-11-09
[MEDIUM] CAN-2004-0452, CAN-2004-0976, CAN-2005-0155, CAN-2005-0156, CAN-2005-0448 multiple perl vulns
http://secunia.com/advisories/12991/
Multiple vulnerabilities have been reported in Perl, which can be exploited by
malicious, local users to perform certain actions on a vulnerable system with
escalated privileges.
The vulnerabilities are caused due to various scripts creating temporary files
insecurely. This can be exploited via symlink attacks to create or overwrite
arbitrary files on the system with the privileges of the user executing a
vulnerable script.
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976
Red Hat Bugzilla:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136325
------- Additional Comments From [email protected] 2004-12-08 09:57:28 ----
Created an atta
Bugzilla
CVE-2004-0976 temporary file vulnerabilities in Perl
bugzilla·2004-10-19·CVSS 2.1
OWL disclosed a number of fixes for temporary file vulnerabilities in
Perl. Patch attached.
Affects: RHEL3
Affects: RHEL2.1
Discussion:
Created attachment 105443
OWL patch for Perl tempfile issues (needs backporting)
---
This bug is fixed with perl-5.8.0-90.2 .
---
Hi Jason,
You may wish to look at bug 175467 for an issue with Solar Designer's OWL patch
with regards to the file name used in perl5db.pl. It may not have been corrected
in the RHEL 3 package if the (unreleased?) perl-5.8.0-90.2 package is
using an unmodified backported attachment 105443.
As a matter of fact, there are now a couple issues that have been corrected in
Solar Designer's OWL tempfile patch. The version of that patch in attachment
105443 is likely revision
http://fedoranews.org/updates/FEDORA--.shtml
http://marc.info/?l=bugtraq&m=110547693019788&w=2
http://secunia.com/advisories/17661
http://secunia.com/advisories/18075
http://www.debian.org/security/2004/dsa-620
http://www.mandriva.com/security/advisories?name=MDKSA-2005:031
http://www.redhat.com/support/errata/RHSA-2005-881.html
http://www.securityfocus.com/bid/11294
http://www.trustix.org/errata/2004/0050
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9752