|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2023-47039: perl: Perl for Windows binary hijacking vulnerability | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Incidents | Assignee: | Michael Schröder <mls> |
| Status: | RESOLVED UPSTREAM | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | gianluca.gabrielli, meissner |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/384695/ | ||
| Whiteboard: | |||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Comment 1
Marcus Meissner
2023-11-13 14:00:01 UTC
What do you mean? We don't ship a perl compiled for windows. public via https://metacpan.org/release/PEVANS/perl-5.38.1/view/pod/perldelta.pod CVE-2023-47039 - Perl for Windows binary hijacking vulnerability This vulnerability was reported to the Intel Product Security Incident Response Team (PSIRT) by GitHub user ycdxsb https://github.com/ycdxsb/WindowsPrivilegeEscalation. PSIRT then reported it to the Perl security team. Perl for Windows relies on the system path environment variable to find the shell (cmd.exe). When running an executable which uses Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system. However, due to path search order issues, Perl initially looks for cmd.exe in the current working directory. An attacker with limited privileges can exploit this behavior by placing cmd.exe in locations with weak permissions, such as C:\ProgramData. By doing so, when an administrator attempts to use this executable from these compromised locations, arbitrary code can be executed. however does not affected SUSE. |