CVE-2005-4278

Published Dec 16, 2005

Last updated a day ago

CVSS info 7.2

Overview

Description: Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB5869CF-E0BD-4091-B7AA-7722F39EAF0D",
            "versionEndIncluding": "5.8.6"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6D64BFC-E974-460C-A635-7319676049A7"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FBFF691-770C-4181-BB40-14BD1B90F705"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7EF5BB8-FFEA-4927-A289-3C9A7ADEC6BB"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB034FE1-9575-45B4-9E8F-1B068E3ED1CC"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6D7F3D2-FE93-4F2F-B8FB-F2A7869502FF"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7530A863-0FFF-4332-8E6F-4329AB4DE5FC"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D30E072-9E6A-49B4-A5C7-63A328598A68"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "434F0580-985F-42AF-BA10-FAB7E2C23ED0"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18B179E0-C843-46C9-AAD2-78E998175E41"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD5E5A51-ED4C-4927-8C4D-502E79391E19"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "171C82CB-2E92-4D41-B1B1-DCFE929E8270"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25633253-D9DE-41F0-A787-D0E8B2B3B9F0"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEDF9611-E4E2-4059-B45E-D3A61AC9DB47"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A9D197-D889-4BE4-BE7A-2EE9536A7498"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0A4538C-3870-431E-A225-D8523D77A4E4"
          },
          {
            "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8233B3A-E09D-425B-B1A1-65CD170FD384"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References