Debian Linux Security Advisory 4300-1 - It was discovered that Archive::Zip, a perl module for manipulation of ZIP archives, is prone to a directory traversal vulnerability. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite arbitrary files during archive extraction.
24b66271204e48260c278858e93a3d197b16c2374c13e4091face6dfc00b94cf
VBScan is a black box vBulletin vulnerability scanner written in perl.
6995ea103a40716fe5735d47841063df1571c2d4e08080fa9bdb9b2f2b2a6dcf
Linux Awk to Perl (/usr/bin/a2p) suffers from a buffer overflow vulnerability.
e971bbb15948d862ca262f19d55b97753f511a0f608fbcdbf35a02083d720146
Malbait is a honeypot written in perl. It creates fake servers and supports both TCP and UDP protocols, either singly or in combination. It outputs in CSV format as well as giving more detailed text reports. You can serve fake Telnet, FTP, SMTP, POP3, HTTP, TR-69, IMAP, asciitime, systat and echo servers, as well as serving blank or random output.
b2a5e5f4099d997913c7d6ba4a2ddc6d239ed821741525eeaddd41a93f11d30e
Ubuntu Security Notice 3684-1 - It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files.
9116c49f3236d1aa7d4b651e131df2e4df3c02666112f9add49b6e3f818e4366
Ubuntu Security Notice 3684-2 - USN-3684-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files.
3135393621809372c38283ed1d484e3ae13df25078adbbf65e4f925efff3b92b
Red Hat Security Advisory 2018-1192-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include multiple overflows.
b1eb554dded9a7ad0a3b05a9cab015ab2364b087d8a53b3d7742f471ca807873
Ubuntu Security Notice 3625-2 - USN-3625-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. Various other issues were also addressed.
ff8ba6835c5471028b08121523dc8369b5986ca2bddf697ecf88fada90834e01
Ubuntu Security Notice 3625-1 - It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that Perl incorrectly loaded libraries from the current working directory. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
993c5bb2d33be22423d12dee38b8e4e9644059fd1ff976ebca463d5df813a5ad
This is a simple perl script to perform dictionary attacks against the KeePass password manager.
6543608fbc7bd69c9aed01176048fc5dbb4c5cfcf6b3eb1751f46ee2b6e9c7cd
VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from an authenticated arbitrary file disclosure vulnerability including no session expiration. Input passed via the 'ID' parameter in several Perl scripts is not properly verified before being used to download system files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks.
9fdb71614470b3895e28afe235e28c5784709277cd64d29608144c5fc0584e48
OWASP JoomScan is an open source project for detecting Joomla CMS vulnerabilities. Written in Perl.
6066d5427e46a3fd26abe10435389c66c8c38392bbec9773ac4dbe0b9897a23c
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
9c0f310583ff0dd8168010acd45c7d2e3a37e176300ac642269bce3d759ebda0
Ubuntu Security Notice 3478-2 - USN-3478-1 fixed two vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
56131795db34853861d0fab4f6e44a939d8737a03a90759a8c10c92c4cfa6938
Ubuntu Security Notice 3478-1 - Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code.
4110b15e29d147493be4523d5ce7d758642b163da3bc0f38eebaf8b8d4cfb359
The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately, user input is used within some of those invocations, which allows for OS command injection. Versions before 2.14.2, 2.13.6, 2.12.5, 2.11.4 and 2.10.5 are affected.
2de6037444f7b5a4cba7811fd7636e3e1a89d1b61face8188b179e5a4d83797b
Debian Linux Security Advisory 3984-1 - joernchen discovered that the git-cvsserver subcommand of Git, a distributed version control system, suffers from a shell command injection vulnerability due to unsafe use of the Perl backtick operator. The git-cvsserver subcommand is reachable from the git-shell subcommand even if CVS support has not been configured (however, the git-cvs package needs to be installed).
45c5b391bc95f3cc52114ee4a0b69f4f29bc0b3cde6352f0143c59740c21e65f
Gentoo Linux Security Advisory 201709-12 - A vulnerability in module File::Path for Perl allows local attackers to set arbitrary mode values on arbitrary files bypassing security restrictions. Versions less than 5.24.1-r2 are affected.
354da611e13b26533594dfaddd7263b5ff8f6d1c891f45eda624a9cbb40d1437
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
a5e81aab1e8b91aaabce9d577368d1e4cd97c8454402192a03fb4774a69da728
check_siem is a security incidents and events monitor written in Perl. It reports on unusual user, process, net, and file activities by leveraging fuzzy LSOF statistics. Think of it as a fun-sized HIDS.
2278b6041fcb1fa3753aa036c6538d183166b0b6b8a797bce3a6df8e4d889958
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
a8807c83f9f325312df05aa215fa75ad697c7a16163175363c2066baa26dda77
Debian Linux Security Advisory 3873-1 - The cPanel Security Team reported a time of check to time of use (TOCTTOU) race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to an attacker-chosen value.
669492e2b6634929ca6740fee2a0e7aa50309178b09ab44dcbff2acc9c6e2e4a
Uberscan is an IP scanner and brute forcing tool all in one. Written in perl.
03c619eb7a6756875cfd4de5de3f9b6bbc71cdbe72137814c254f2a9116ad397
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
9530e7f9edc52dc222597d903ee4f6797a20b6cccb765503b6c3082408e9d386
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
f2753c34c9883dfe15003f5b0814c44255ff34cfd31b9a7bf514172123ed05ff