Perl 5.x - Digest Module 'Digest->new()' Code Injection
| EKU-ID: 40761 | CVE: CVE-2011-3597;OSVDB-75990 | OSVDB-ID: |
| Author: anonymous | Published: 2011-10-02 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 40761 | CVE: CVE-2011-3597;OSVDB-75990 | OSVDB-ID: |
| Author: anonymous | Published: 2011-10-02 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/49911/info
The Digest module for Perl is prone to a vulnerability that will let attackers inject and execute arbitrary Perl code.
Remote attackers can exploit this issue to run arbitrary code in the context of the affected application.
Digest versions prior to 1.17 are affected.
Digest->new("::MD5lprint 'ownaide\n';exit(1);");