FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

perl -- File::Path insecure file/directory permissions

Affected packages
0 <= perl < 5.6.2
5.8.0 <= perl < 5.8.6
0 <= perl-threaded < 5.6.2
5.8.0 <= perl-threaded < 5.8.6

Details

VuXML ID c418d472-6bd1-11d9-93ca-000a95bc6fae
Discovery 2004-12-30
Entry 2005-01-21
Modified 2007-11-07

Jeroen van Wolffelaar reports that the Perl module File::Path contains a race condition wherein traversed directories and files are temporarily made world-readable/writable.

References

CVE Name CVE-2004-0452
URL http://www.debian.org/security/2004/dsa-620
URL http://xforce.iss.net/xforce/xfdb/18650