Security restrictions bypass in Perl

Published: 2018-06-08

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2018-12015
CWE-ID	CWE-22
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Perl Universal components / Libraries / Scripting languages
Vendor	Perl

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Path traversal

EUVDB-ID: #VU13236

Risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-12015

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to an error when processing malicious input. A remote attacker can trick the victim into extracting a specially crafted tar archive containing a file and a symbolic link (symlink) with the same name, create a file outside of the current working directory, bypass a directory-traversal protection mechanism and create or overwrite files with the privileges of the target user.

Mitigation

Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.

Vulnerable software versions

Perl: 5.26.0 - 5.26.2

CPE2.3

cpe:2.3:a:perl:perl:5.26.2:*:*:*:*:*:*:*

External links

https://rt.cpan.org/Public/Bug/Display.html?id=125523

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.