Описание
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.73-1 |
| lucid | ignored | end of life |
| precise | released | 0.68-1ubuntu0.12.04.1 |
| quantal | released | 0.68-1ubuntu0.12.10.1 |
| raring | released | 0.68-1ubuntu0.13.04.1 |
| upstream | released | 0.72 |
Показывать по
4.4 Medium
CVSS2
Связанные уязвимости
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.
The cpansign verify functionality in the Module::Signature module befo ...
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.
4.4 Medium
CVSS2