SecurityTracker.com
Category:   Application (Generic)  >   Perl-Digest-MD5
Vendors:   Novell
Novell NetWare Perl Handler Input Validation Bugs Let Remote Users Execute Arbitrary Code and View Files on the System
SecurityTracker Alert ID:  1005091
SecurityTracker URL:  http://securitytracker.com/id/1005091
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Aug 21 2002
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 5.003
Description:   Several vulnerabilities were reported in Novell's Perl Handler for web servers running on NetWare systems. A remote user can execute arbitrary code on the system, view the Perl version information, and view files on the system.

Novell reported several vulnerabilities associated with their Perl interpreter when used in conjunction with a web server.

It is reported that a remote user can execute arbitrary code via an HTTP POST command.

A remote user can also obtain the Perl version information.

A remote user can also request URLs containing the '%5c' string to traverse the directory and obtain files located outside of the web server's document directory.

Novell credits Rain Forrest Puppy with reporting these flaws.
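
The '%5c' traversal described above, seen from the detection side. This is an added example, not code from Novell or SecurityTracker. '%5c' is the URL encoding of a backslash, which NetWare accepts as a path separator. The log lines, hosts and paths below are constructed, and the function names are hypothetical. The check decodes the request path, treats '\' and '/' alike, and flags only paths that climb above the document root, so a '%5c' that stays inside the root is not reported.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines for illustration; hosts and paths are hypothetical.
SAMPLE_LOG = [
    '192.0.2.10 - - [21/Aug/2002:10:00:00 +0000] "GET /perl/env.pl HTTP/1.0" 200 512',
    '192.0.2.11 - - [21/Aug/2002:10:00:05 +0000] "GET /docs/..%5c..%5cexample.txt HTTP/1.0" 200 90',
    '192.0.2.12 - - [21/Aug/2002:10:00:09 +0000] "GET /docs/a%5cb/..%5cindex.html HTTP/1.0" 200 734',
    '192.0.2.13 - - [21/Aug/2002:10:00:12 +0000] "GET /docs/..%255c..%255cexample.txt HTTP/1.0" 404 0',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SEPARATORS = re.compile(r"[\\/]+")  # backslash and slash are both separators


def escapes_docroot(raw_path, max_decode=3):
    """Return True if the request path resolves above the document root."""
    path = raw_path.split("?", 1)[0]
    # Decode repeatedly so double-encoded input (%255c) is normalised too.
    for _ in range(max_decode):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    depth = 0
    for segment in SEPARATORS.split(path):
        if segment in ("", "."):
            continue
        if segment == "..":
            depth -= 1
            if depth < 0:  # climbed above the root
                return True
        else:
            depth += 1
    return False


def flag_traversal(lines):
    """Return the request paths in the log lines that escape the document root."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if match and escapes_docroot(match.group(1)):
            hits.append(match.group(1))
    return hits


if __name__ == "__main__":
    for path in flag_traversal(SAMPLE_LOG):
        print("traversal attempt:", path)
```
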

Impact:   A remote user can view files on the system and determine the Perl interpreter version information. A remote user can execute arbitrary Perl code on the server.
Solution:   A BETA patch file is available to registered users for no fee at:

http://support.novell.com/servlet/filedownload/ftf/perl5002.exe/

This ZIP is applicable to both NetWare 5.1 and NetWare 6 running Perl version 5.003.

Type perl -version on the server console to determine the version of Perl you are running.

Systems running Perl version 5.6 do not need the above patch. Perl 5.6 already contains the fix for the above defect.

Vendor URL:  support.novell.com/servlet/tidfinder/2963307
Cause:   Input validation error
Underlying OS Comments:  NetWare 5.1, 6

Message History:   None.


 Source Message Contents

Subject:  NOVL-2002-2963307 - PERL Handler Vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

For Immediate Disclosure

============================== Summary ==============================

 Security Alert: NOVL-2002-2963307
          Title: Perl Handler Vulnerability Patch
           Date: 20-Aug-2002
       Revision: Original
   Product Name: Perl version 5.003
 OS/Platform(s): NetWare 5.1, 6
  Reference URL: http://support.novell.com/servlet/tidfinder/2963307
    Vendor Name: Novell, Inc. 
     Vendor URL: http://www.novell.com
Security Alerts: http://support.novell.com/security-alerts 
        Affects: Various on SYS: volume
    Identifiers: None
        Credits: Rain Forrest Puppy <rfp@wiretrip.net>

============================ Description ============================

The following code modifications are included in this patch:

============================== Impact ===============================

This ZIP is applicable to both NetWare 5.1 and NetWare 6, running
Perl version 5.003 as a handler from a web server.

Type perl -version on server console to detect the version of Perl 

The following items are included in this code change:

Note:
The systems having Perl version 5.6 need not apply above patch. Perl
5.6 already contains the fix for the above defect. 

======================== Recommended Actions ========================

Note:  The patch file is currently available as a BETA patch, which
means a user registration (no fee) is required to download the file.

This ZIP is applicable to both NetWare 5.1 and NetWare 6, running
Perl version 5.003 

Type perl -version on server console to detect the version of Perl 

The systems having Perl version 5.6 need not apply above patch. Perl
5.6 already contains the fix for the above defect. 

See detailed instructions in the referenced Technical Information
Document (TID) http://support.novell.com/servlet/tidfinder/2963307.

============================ DISCLAIMER =============================

The content of this document is believed to be accurate at the time
of publishing based on currently available information. However, the
information is provided "AS IS" without any warranty or
representation. Your use of the document constitutes acceptance of
this disclaimer. Novell disclaims all warranties, express or implied,
regarding this document, including the warranties of merchantability
and fitness for a particular purpose. Novell is not liable for any
direct, indirect, or consequential loss or damage arising from use
of, or reliance on, this document or any security alert, even if
Novell has been advised of the possibility of such damages and even
if such damages are foreseeable.

============================ Appendices =============================

None

================ Contacting Novell Security Alerts ==================

To report suspected security vulnerabilities in Novell products, send
email to
            secure@novell.com

PGP users may send signed/encrypted information to us using our PGP
key, available from the pgpkeys.mit.edu server, or our website at: 

            http://support.novell.com/security-alerts


Security Alerts, Novell, Inc. PGP Key Fingerprint:

F5AE 9265 0A34 F84E 580E  9B87 3AC1 1974 DE05 0FDB

========================= Revision History ==========================
       Original: 13-Aug-2002 - Original Publication
        Revised: 16-Aug-2002
 Security Alert: 20-Aug-2002

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Security 7.0.3

iQA/AwUBPWJpKDrBGXTeBQ/bEQJxGgCfTQLybrIJOBweHMs7Gqn1SoxYuBgAoPzU
2rdww8TfTC5/jB44UjmJ16ud
=r+WG
-----END PGP SIGNATURE-----


 
 

