Perl Denial Of Service Vulnerability (Windows) Network Vulnerability

Summary

The host is installed with Perl and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attackers to cause an affected application to crash, denying service to legitimate users. Impact Level: Application

Solution

Upgrade to Perl version 5.12 or later. For updates refer to http://www.perl.org/get.html

Insight

The flaw is due to an error in 'getpeername', 'readdir', 'closedir', 'getsockname', 'rewinddir', 'tell', or 'telldir' function calls. When given a wrong number of arguments, those functions will attempt to perform a comparison between an unallocated memory zone and a given register, resulting in a segmentation fault.

Affected

Perl versions 5.10 and 5.10.1 on Windows.

References

http://www.securityfocus.com/archive/1/archive/1/517916/100/0/threaded
http://www.toucan-system.com/advisories/tssa-2011-03.txt
http://xforce.iss.net/xforce/xfdb/67355

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0761
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
Denial Of Service Vulnerability in PHP April-09
ClamAV Invalid Memory Access Denial Of Service Vulnerability
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)
Comodo Internet Security Denial of Service Vulnerability-01

Perl Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities