CVE-2008-2827
Published 2008-06-23
CVE-2008-2827: The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the…
Priority: P420, medium, 4.6 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.85% (53.5th percentile)
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | perl | < perl 5.10.0-18 (bookworm) | perl 5.10.0-18 (bookworm) |
| debian | perl | < perl 5.10.0-11 (bookworm) | perl 5.10.0-11 (bookworm) |
| perl | file | — | — |
| perl | perl | — | — |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.10.0-11 | 5.10.0-11 |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.10.0-11 | 5.10.0-11 |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.10.0-11 | 5.10.0-11 |
| perl | perl | >= 0 < 5.10.0-18 | 5.10.0-18 |
| perl | perl | >= 0 < 5.10.0-11 | 5.10.0-11 |
CVSS provenance
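| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.6 | MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 2.6 | LOW | — |
| vendor_debian | — | 2.6 | LOW | — |
| vendor_redhat | — | 2.6 | LOW | — |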
Red Hat
perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
vendor_redhat·2008-11-19·CVSS 2.6
CVE-2008-5302 [LOW] perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Red Hat
perl: File::Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
vendor_redhat·2008-11-19·CVSS 2.6
CVE-2008-5303 [LOW] perl: File::Path rmtree race condition (CVE-2004-0452) reintroduced after upstream rebase to 5.8.8-1
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Red Hat
perl: insecure use of chmod in rmtree
vendor_redhat·2008-06-20·CVSS 2.6
CVE-2008-2827 [LOW] perl: insecure use of chmod in rmtree
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Statement: Not vulnerable. This issue did not affect the versions of perl as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, Red Hat Application Stack 1, or Solaris versions of Red Hat Directory Server 7.1 and 8, Certificate System 7.x.
Debian
CVE-2008-5303: perl - Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in P...
vendor_debian·2008·CVSS 2.6
CVE-2008-5303 [LOW] CVE-2008-5303: perl - Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in P...
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
Scope: local
bookworm: resolved (fixed in 5.10.0-18)
bullseye: resolved (fixed in 5.10.0-18)
forky: resolved (fixed in 5.10.0-18)
sid: resolved (fixed in 5.10.0-18)
trixie: resolved (fixed in 5.10.0-18)
Debian
CVE-2008-2827: perl - The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check per...
vendor_debian·2008·CVSS 2.6
CVE-2008-2827 [LOW] CVE-2008-2827: perl - The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check per...
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Scope: local
bookworm: resolved (fixed in 5.10.0-11)
bullseye: resolved (fixed in 5.10.0-11)
forky: resolved (fixed in 5.10.0-11)
sid: resolved (fixed in 5.10.0-11)
trixie: resolved (fixed in 5.10.0-11)
Debian
CVE-2008-5302: perl - Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path...
vendor_debian·2008·CVSS 2.6
CVE-2008-5302 [LOW] CVE-2008-5302: perl - Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path...
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
Scope: local
bookworm: resolved (fixed in 5.10.0-18)
bullseye: resolved (fixed in 5.10.0-18)
forky: resolved (fixed in 5.10.0-18)
sid: resolved (fixed in 5.10.0-18)
trixie: resolved (fixed in 5.10.0-18)
GHSA
GHSA-4m3f-gxf5-6jm9: Race condition in the rmtree function in File::Path 1
ghsa_unreviewed·2022-05-14·CVSS 2.6
CVE-2008-5303 [LOW] CWE-362 GHSA-4m3f-gxf5-6jm9: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
GHSA
GHSA-8vc4-5x78-9hxf: Race condition in the rmtree function in File::Path 1
ghsa_unreviewed·2022-05-14·CVSS 2.6
CVE-2008-5302 [LOW] CWE-362 GHSA-8vc4-5x78-9hxf: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
GHSA
GHSA-h567-wg66-2v4f: The rmtree function in lib/File/Path
ghsa_unreviewed·2022-05-01·CVSS 2.6
CVE-2008-2827 [LOW] GHSA-h567-wg66-2v4f: The rmtree function in lib/File/Path
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
OSV
CVE-2008-5302: Race condition in the rmtree function in File::Path 1
osv·2008-12-01·CVSS 2.6
CVE-2008-5302 [LOW] CVE-2008-5302: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.
OSV
CVE-2008-5303: Race condition in the rmtree function in File::Path 1
osv·2008-12-01·CVSS 2.6
CVE-2008-5303 [LOW] CVE-2008-5303: Race condition in the rmtree function in File::Path 1
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.
OSV
CVE-2008-2827: The rmtree function in lib/File/Path
osv·2008-06-23·CVSS 2.6
CVE-2008-2827 [LOW] CVE-2008-2827: The rmtree function in lib/File/Path
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
No detection rules found.
Bugzilla
CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
bugzilla·2008-11-28·CVSS 2.6
CVE-2008-5302 [LOW] CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1
Created attachment 325021
Ours perl-5.8.0-CAN-2005-0448-rmtree.patch applied against perl_5.8.0-90.4
Common Vulnerabilities and Exposures originally assigned an identifier CVE-2005-0448 to the following vulnerability:
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being
deleted, a different vulnerability than CVE-2004-0452.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
It was discovered that after upstream perl rebase to 5.8.8-1, this issue
was reintroduced (seems upstream didn't apply fix for CVE-2005-0448).
This issue already fixed again in perl-5.1
Bugzilla
CVE-2008-2827 perl: insecure use of chmod in rmtree
bugzilla·2008-06-24·CVSS 2.6
CVE-2008-2827 [LOW] CVE-2008-2827 perl: insecure use of chmod in rmtree
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-2827 to the following vulnerability:
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly
check permissions before performing a chmod, which allows local users
to modify the permissions of arbitrary files via a symlink attack, a
different vulnerability than CVE-2005-0448 and CVE-2004-0452.
References:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319
http://rt.cpan.org/Public/Bug/Display.html?id=36982
Discussion:
Created attachment 310113
Test case extracted from CPAN bug report
---
This issue did not affect the versions of perl as shipped with Red Hat
Enterprise Linux 2.1, 3, 4, or 5, Red Hat Application Stack 1 and Fedora 8.
---
Propose
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://rt.cpan.org/Public/Bug/Display.html?id=36982
http://secunia.com/advisories/30790
http://secunia.com/advisories/30837
http://secunia.com/advisories/31687
http://www.mandriva.com/security/advisories?name=MDVSA-2008:165
http://www.securityfocus.com/bid/29902
http://www.securitytracker.com/id?1020373
https://exchange.xforce.ibmcloud.com/vulnerabilities/43308
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html
Published 2008-06-23