oss-sec mailing list archives

Re: CVE-2011-10007: File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted file name


From: Timothy Legge <timlegge () cpansec org>
Date: Thu, 05 Jun 2025 22:24:04 -0300

On 2025-06-05 21:59, Sam James wrote:

>> A file handle is opened with the 2 argument form of `open()` allowing
>> an attacker controlled filename to provide the MODE parameter to
>> `open()`, turning the filename into a command to be executed.
>
> FWIW, I've started a broader discussion on the future of 2-arg open on
> p5p at https://www.nntp.perl.org/group/perl.perl5.porters/2025/06/msg269996.html.

Thanks, I just saw that. I was thinking it would be nice to have a way to disable it.
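
As an added illustration of the quoted advisory text (not part of the thread and not File::Find::Rule's own code), this Perl script reads files with the three-argument `open()`, so a name is never parsed for a MODE, and flags names that the two-argument form would have interpreted. The function names and sample file names are constructed for the example, and it assumes a POSIX filesystem.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempdir);

# Report why two-argument open() would not take $name literally (see
# "perldoc -f open"), or return nothing if the name is safe in that form.
# $name is the string exactly as it would be handed to open().
sub two_arg_hazard {
    my ($name) = @_;
    (my $trimmed = $name) =~ s/\A\s+|\s+\z//g;
    return 'leading mode characters' if $trimmed =~ /\A(?:\+?[<>]|\|)/;
    return 'trailing pipe'           if $trimmed =~ /\|\z/;
    return 'bare "-" is STDIN'       if $trimmed eq '-';
    return 'whitespace is stripped'  if $trimmed ne $name;
    return;
}

# Hardened read: with an explicit MODE argument the name is only ever a path.
sub count_lines {
    my ($path) = @_;
    open(my $fh, '<', $path) or die "open '$path': $!";
    my $n = 0;
    $n++ while <$fh>;
    close $fh;
    return $n;
}

# Constructed sample names; none is from the advisory or the thread.
my @samples = ('report.txt', ' padded.txt', 'totals |', '>archive.log');
my $dir = tempdir(CLEANUP => 1);
for my $name (@samples) {
    my $path = File::Spec->catfile($dir, $name);
    open(my $out, '>', $path) or die "create '$path': $!";
    print {$out} "line one\nline two\n";
    close $out or die "close '$path': $!";
}

opendir(my $dh, $dir) or die "opendir '$dir': $!";
for my $name (sort grep { !/\A\.\.?\z/ } readdir($dh)) {
    my $lines  = count_lines(File::Spec->catfile($dir, $name));
    my $hazard = two_arg_hazard($name) // 'none';
    printf "%-16s lines=%d  two-arg open: %s\n", "'$name'", $lines, $hazard;
}
closedir $dh;
```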

