FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-0448

This CVE name corresponds to:

Entered Topic
2009-02-03 perl -- Directory Permissions Race Condition
2009-01-03 p5-File-Path -- rmtree allows creation of setuid files

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-0448 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-0448
Phase Assigned(20050216)

Description

Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.

References

Source Reference
CONECTIVA CLSA-2006:1056
DEBIAN DSA-696
FEDORA FLSA-2006:152845
GENTOO GLSA-200501-38
HP HPSBUX01208
HP SSRT5938
MANDRIVA MDKSA-2005:079
REDHAT RHSA-2005:881
REDHAT RHSA-2005:674
SGI 20060101-01-U
UBUNTU USN-94-1
OVAL oval:org.mitre.oval:def:728
OVAL oval:org.mitre.oval:def:10475
SECUNIA 18075
BID 12767
SECUNIA 14531
SECUNIA 18517
SECUNIA 17079
SECUNIA 55314

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.