CVE-2011-3597
published 2012-01-13CVE-2011-3597: Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.
PriorityP262high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
13.53%
96.0th percentile
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | perl | < perl 5.12.4-6 (bookworm) | perl 5.12.4-6 (bookworm) |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| gisle_aas | digest | — | — |
| perl | perl | >= 0 < 5.12.4-6 | 5.12.4-6 |
| perl | perl | >= 0 < 5.12.4-6 | 5.12.4-6 |
| perl | perl | >= 0 < 5.12.4-6 | 5.12.4-6 |
| perl | perl | >= 0 < 5.12.4-6 | 5.12.4-6 |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for eval() calls in Perl processes where the argument to Digest->new() constructor contains characters indicative of code injection (e.g., semicolons, print statements, exit calls, or arbitrary Perl expressions) rather than a plain algorithm name string. ↗
- →Flag use of Digest module versions prior to 1.17 in Perl environments; the vulnerable code path is the 'new' constructor performing an unsanitized eval of the algorithm name (e.g., `eval "require $class"`). ↗
- →Investigate deserialization paths using Data::Serializer that invoke Digest->new() with attacker-controlled algorithm names, as this is a known exploitation vector for this CVE. ↗
- ·Exploitation requires the attacker to control the algorithm name argument passed to Digest->new(); this is considered a high-complexity precondition, reducing practical exploitability. ↗
- ·Red Hat Directory Server 8 (perl package) was marked 'Will not fix', meaning patched versions may not be available for all affected platforms. ↗
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5LOW
vendor_redhat7.5HIGH
vendor_ubuntu5.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Perl vulnerabilities
vendor_ubuntu·2012-11-30·CVSS 5.1
CVE-2011-2939 [MEDIUM] Perl vulnerabilities
Title: Perl vulnerabilities
Summary: Perl programs could be made to crash or run programs if they receive
specially crafted network traffic or other input.
It was discovered that the decode_xs function in the Encode module is
vulnerable to a heap-based buffer overflow via a crafted Unicode string.
An attacker could use this overflow to cause a denial of service.
(CVE-2011-2939)
It was discovered that the 'new' constructor in the Digest module is
vulnerable to an eval injection. An attacker could use this to execute
arbitrary code. (CVE-2011-3597)
It was discovered that Perl's 'x' string repeat operator is vulnerable
to a heap-based buffer overflow. An attacker could use this to execute
arbitrary code. (CVE-2012-5195)
Ryo Anazawa discovered that the CGI.pm module does not properly esca
Red Hat
Perl Digest improper control of generation of code
vendor_redhat·2011-10-02·CVSS 7.5
CVE-2011-3597 [HIGH] Perl Digest improper control of generation of code
Perl Digest improper control of generation of code
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.
Package: perl (Red Hat Directory Server 8) - Will not fix
Debian
CVE-2011-3597: perl - Eval injection vulnerability in the Digest module before 1.17 for Perl allows co...
vendor_debian·2011·CVSS 7.5
CVE-2011-3597 [HIGH] CVE-2011-3597: perl - Eval injection vulnerability in the Digest module before 1.17 for Perl allows co...
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.
Scope: local
bookworm: resolved (fixed in 5.12.4-6)
bullseye: resolved (fixed in 5.12.4-6)
forky: resolved (fixed in 5.12.4-6)
sid: resolved (fixed in 5.12.4-6)
trixie: resolved (fixed in 5.12.4-6)
GHSA
GHSA-42c5-x389-m7vp: Eval injection vulnerability in the Digest module before 1
ghsa_unreviewed·2022-05-17
CVE-2011-3597 [HIGH] CWE-20 GHSA-42c5-x389-m7vp: Eval injection vulnerability in the Digest module before 1
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.
OSV
CVE-2011-3597: Eval injection vulnerability in the Digest module before 1
osv·2012-01-13·CVSS 7.5
CVE-2011-3597 [HIGH] CVE-2011-3597: Eval injection vulnerability in the Digest module before 1
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.
No detection rules found.
http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.aschttp://cpansearch.perl.org/src/GAAS/Digest-1.17/Changeshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735http://secunia.com/advisories/46279http://secunia.com/advisories/51457http://www.mandriva.com/security/advisories?name=MDVSA-2012:008http://www.mandriva.com/security/advisories?name=MDVSA-2012:009http://www.redhat.com/support/errata/RHSA-2011-1424.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1797.htmlhttp://www.securityfocus.com/bid/49911http://www.ubuntu.com/usn/USN-1643-1https://bugzilla.redhat.com/show_bug.cgi?id=743010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.aschttp://cpansearch.perl.org/src/GAAS/Digest-1.17/Changeshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735http://secunia.com/advisories/46279http://secunia.com/advisories/51457http://www.mandriva.com/security/advisories?name=MDVSA-2012:008http://www.mandriva.com/security/advisories?name=MDVSA-2012:009http://www.redhat.com/support/errata/RHSA-2011-1424.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1797.htmlhttp://www.securityfocus.com/bid/49911http://www.ubuntu.com/usn/USN-1643-1https://bugzilla.redhat.com/show_bug.cgi?id=743010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446
2012-01-13
Published