Source: libfile-find-rule-perl
Version: 0.34-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://github.com/richardc/perl-file-find-rule/pull/4
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for libfile-find-rule-perl.
CVE-2011-10007[0]:
| File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary
| Code Execution when `grep()` encounters a crafted filename. A file
| handle is opened with the 2 argument form of `open()` allowing an
| attacker controlled filename to provide the MODE parameter to
| `open()`, turning the filename into a command to be executed.
| Example: $ mkdir /tmp/poc; echo > "/tmp/poc/|id" $ perl
| -MFile::Find::Rule \ -E
| 'File::Find::Rule->grep("foo")->in("/tmp/poc")' uid=1000(user)
| gid=1000(user) groups=1000(user),100(users)
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2011-10007
https://www.cve.org/CVERecord?id=CVE-2011-10007
[1] https://github.com/richardc/perl-file-find-rule/pull/4
Regards,
Salvatore
