Perl Clipboard Module 'clipedit.pl' Insecure Temporary File Handling Vulnerability
BID:69473
CVE-2014-5509 |Info
Perl Clipboard Module 'clipedit.pl' Insecure Temporary File Handling Vulnerability
| Bugtraq ID: | 69473 |
| Class: | Design Error |
| CVE: |
CVE-2014-5509 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 29 2014 12:00AM |
| Updated: | Sep 02 2014 12:34AM |
| Credit: | Salvatore Bonaccorso |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Perl Clipboard Module 'clipedit.pl' Insecure Temporary File Handling Vulnerability
The Clipboard module for Perl is prone to an insecure temporary file-handling vulnerability.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.
Clipboard 0.13 is vulnerable; other versions may also be affected.
The Clipboard module for Perl is prone to an insecure temporary file-handling vulnerability.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.
Clipboard 0.13 is vulnerable; other versions may also be affected.
Exploit / POC
Perl Clipboard Module 'clipedit.pl' Insecure Temporary File Handling Vulnerability
An attacker can use readily available commands to exploit this issue.
An attacker can use readily available commands to exploit this issue.
Solution / Fix
Perl Clipboard Module 'clipedit.pl' Insecure Temporary File Handling Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Perl Clipboard Module 'clipedit.pl' Insecure Temporary File Handling Vulnerability
References:
References:
- Perl Homepage (Perl.org)