PT-2009-3499 · Perl · Perl-Mdk-Common

Published

2009-03-16

Updated

2017-08-17

CVE-2009-0912

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions perl-MDK-Common versions 1.1.11 through 1.1.24 perl-MDK-Common versions 1.2.9 through 1.2.14

Description The issue is related to improper handling of strings when writing them to configuration files. This allows attackers to gain privileges via special characters in unspecified vectors.

Recommendations For perl-MDK-Common versions 1.1.11 through 1.1.24, consider updating to a version that properly handles string writing to configuration files. For perl-MDK-Common versions 1.2.9 through 1.2.14, consider updating to a version that properly handles string writing to configuration files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2009-0912

Affected Products

Perl-Mdk-Common

PT-2009-3499 · Perl · Perl-Mdk-Common

CVE-2009-0912

Weakness Enumeration

Related Identifiers

Affected Products

References · 5