PT-2017-10549 · Debian · Config-Model

Published

2017-05-23

Updated

2017-06-08

CVE-2017-0373

CVSS v3.1

7.3

High

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Config-Model versions prior to 2.102

Description The gen class pod implementation in lib/Config/Model/Utils/GenClassPod.pm has a dangerous "use lib" line. This allows remote attackers to have an unspecified impact via a crafted Debian package file.

Recommendations For versions prior to 2.102, update to version 2.102 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-0373

Affected Products

Config-Model

PT-2017-10549 · Debian · Config-Model

CVE-2017-0373

Weakness Enumeration

Related Identifiers

Affected Products

References · 9