CVE-2008-2827 - Vulnerability Details

Vendors	Products
Perl	Perl

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://rt.cpan.org/Public/Bug/Display.html?id=36982
http://secunia.com/advisories/30790
http://secunia.com/advisories/30837
http://secunia.com/advisories/31687
http://www.mandriva.com/security/advisories?name=MDVSA-2008:165
http://www.securityfocus.com/bid/29902
http://www.securitytracker.com/id?1020373
https://exchange.xforce.ibmcloud.com/vulnerabilities/43308
https://nvd.nist.gov/vuln/detail/CVE-2008-2827
https://www.cve.org/CVERecord?id=CVE-2008-2827
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-21T00:00:00", "descriptions": [{"lang": "en", "value": "The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "SUSE-SR:2008:017", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"name": "FEDORA-2008-5739", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html"}, {"name": "29902", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29902"}, {"name": "MDVSA-2008:165", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:165"}, {"tags": ["x_refsource_MISC"], "url": "http://rt.cpan.org/Public/Bug/Display.html?id=36982"}, {"name": "31687", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31687"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319"}, {"name": "1020373", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020373"}, {"name": "30790", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30790"}, {"name": "30837", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30837"}, {"name": "perl-filepath-rmtree-symlink(43308)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43308"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2827", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SUSE-SR:2008:017", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"name": "FEDORA-2008-5739", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html"}, {"name": "29902", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29902"}, {"name": "MDVSA-2008:165", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:165"}, {"name": "http://rt.cpan.org/Public/Bug/Display.html?id=36982", "refsource": "MISC", "url": "http://rt.cpan.org/Public/Bug/Display.html?id=36982"}, {"name": "31687", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31687"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319"}, {"name": "1020373", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020373"}, {"name": "30790", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30790"}, {"name": "30837", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30837"}, {"name": "perl-filepath-rmtree-symlink(43308)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43308"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:14:14.805Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SR:2008:017", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"name": "FEDORA-2008-5739", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html"}, {"name": "29902", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29902"}, {"name": "MDVSA-2008:165", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:165"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://rt.cpan.org/Public/Bug/Display.html?id=36982"}, {"name": "31687", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31687"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319"}, {"name": "1020373", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020373"}, {"name": "30790", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30790"}, {"name": "30837", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30837"}, {"name": "perl-filepath-rmtree-symlink(43308)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43308"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2827", "datePublished": "2008-06-23T19:00:00", "dateReserved": "2008-06-23T00:00:00", "dateUpdated": "2024-08-07T09:14:14.805Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2008-06-21T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-08-07T12:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : SUSE-SR:2008:017 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html (string)

}

1 : { »

name : FEDORA-2008-5739 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html (string)

}

2 : { »

name : 29902 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/29902 (string)

}

3 : { »

name : MDVSA-2008:165 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:165 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://rt.cpan.org/Public/Bug/Display.html?id=36982 (string)

}

5 : { »

name : 31687 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/31687 (string)

}

6 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 (string)

}

7 : { »

name : 1020373 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id?1020373 (string)

}

8 : { »

name : 30790 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/30790 (string)

}

9 : { »

name : 30837 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/30837 (string)

}

10 : { »

name : perl-filepath-rmtree-symlink(43308) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/43308 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2008-2827 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : SUSE-SR:2008:017 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html (string)

}

1 : { »

name : FEDORA-2008-5739 (string)

refsource : FEDORA (string)

url : https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html (string)

}

2 : { »

name : 29902 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/29902 (string)

}

3 : { »

name : MDVSA-2008:165 (string)

refsource : MANDRIVA (string)

url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:165 (string)

}

4 : { »

name : http://rt.cpan.org/Public/Bug/Display.html?id=36982 (string)

refsource : MISC (string)

url : http://rt.cpan.org/Public/Bug/Display.html?id=36982 (string)

}

5 : { »

name : 31687 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/31687 (string)

}

6 : { »

name : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 (string)

refsource : CONFIRM (string)

url : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 (string)

}

7 : { »

name : 1020373 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id?1020373 (string)

}

8 : { »

name : 30790 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/30790 (string)

}

9 : { »

name : 30837 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/30837 (string)

}

10 : { »

name : perl-filepath-rmtree-symlink(43308) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/43308 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T09:14:14.805Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : SUSE-SR:2008:017 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html (string)

}

1 : { »

name : FEDORA-2008-5739 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html (string)

}

2 : { »

name : 29902 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/29902 (string)

}

3 : { »

name : MDVSA-2008:165 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

2 : x_transferred (string)

]

url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:165 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://rt.cpan.org/Public/Bug/Display.html?id=36982 (string)

}

5 : { »

name : 31687 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/31687 (string)

}

6 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 (string)

}

7 : { »

name : 1020373 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id?1020373 (string)

}

8 : { »

name : 30790 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/30790 (string)

}

9 : { »

name : 30837 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/30837 (string)

}

10 : { »

name : perl-filepath-rmtree-symlink(43308) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/43308 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2008-2827 (string)

datePublished : 2008-06-23T19:00:00 (string)

dateReserved : 2008-06-23T00:00:00 (string)

dateUpdated : 2024-08-07T09:14:14.805Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:perl:perl:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "777EC860-FB16-4B15-A8BE-3EAE9FD8A99D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452."}, {"lang": "es", "value": "La funci\u00f3n rmtree en lib/File/Path.pm de Perl 5.10 no comprueba correctamente los permisos antes de realizar chmod, lo que permite a usuarios locales modificar los permisos de archivos de su elecci\u00f3n mediante un ataque de enlaces simb\u00f3licos, una vulnerabilidad distinta a CVE-2005-0448 y CVE-2004-0452."}], "id": "CVE-2008-2827", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-06-23T19:41:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://rt.cpan.org/Public/Bug/Display.html?id=36982"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30790"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30837"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31687"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:165"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29902"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020373"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43308"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://rt.cpan.org/Public/Bug/Display.html?id=36982"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30790"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30837"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31687"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:165"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29902"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020373"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43308"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of perl as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, Red Hat Application Stack 1, or Solaris versions of Red Hat Directory Server 7.1 and 8, Certificate System 7.x.", "lastModified": "2008-06-24T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:perl:perl:5.10:*:*:*:*:*:*:* (string)

matchCriteriaId : 777EC860-FB16-4B15-A8BE-3EAE9FD8A99D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452. (string)

}

1 : { »

lang : es (string)

value : La función rmtree en lib/File/Path.pm de Perl 5.10 no comprueba correctamente los permisos antes de realizar chmod, lo que permite a usuarios locales modificar los permisos de archivos de su elección mediante un ataque de enlaces simbólicos, una vulnerabilidad distinta a CVE-2005-0448 y CVE-2004-0452. (string)

}

]

id : CVE-2008-2827 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4.6 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2008-06-23T19:41:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

]

url : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

]

url : http://rt.cpan.org/Public/Bug/Display.html?id=36982 (string)

}

3 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/30790 (string)

}

4 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/30837 (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/31687 (string)

}

6 : { »

source : cve@mitre.org (string)

url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:165 (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/29902 (string)

}

8 : { »

source : cve@mitre.org (string)

url : http://www.securitytracker.com/id?1020373 (string)

}

9 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/43308 (string)

}

10 : { »

source : cve@mitre.org (string)

url : https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

]

url : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

]

url : http://rt.cpan.org/Public/Bug/Display.html?id=36982 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/30790 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/30837 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/31687 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:165 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/29902 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id?1020373 (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/43308 (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01025.html (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vendorComments : [ »

0 : { »

comment : Not vulnerable. This issue did not affect the versions of perl as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, Red Hat Application Stack 1, or Solaris versions of Red Hat Directory Server 7.1 and 8, Certificate System 7.x. (string)

lastModified : 2008-06-24T00:00:00 (string)

organization : Red Hat (string)

}

]

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-264 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object