Bug 81276 (CVE-2005-0448)

Summary: VUL-0: CVE-2005-0448: another perl rmtree vulnerability
Product: [Novell Products] SUSE Security Incidents Reporter: Ludwig Nussel <lnussel>
Component: IncidentsAssignee: Michael Schröder <mls>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard: CVE-2005-0448: CVSS v2 Base Score: 1.2 (AV:L/AC:H/Au:N/C:N/I:P/A:N)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Ludwig Nussel 2005-04-29 13:45:28 UTC 
We received the following report via full-disclosure.
The issue is public.
This is said to be not the same as CAN-2004-0452 (#56715)

Date: Fri, 29 Apr 2005 05:13:59 -0600
From: Mandriva Security Team <security@mandriva.com>
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] MDKSA-2005:079 - Updated perl packages to fix
	rmtree vulnerability
X-Spam-Level: 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           perl
 Advisory ID:            MDKSA-2005:079
 Date:                   April 28th, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0,
			 Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Paul Szabo discovered another vulnerability in the rmtree() function
 in File::Path.pm. While a process running as root (or another user)
 was busy deleting a directory tree, a different user could exploit a
 race condition to create setuid binaries in this directory tree,
 provided that he already had write permissions in any subdirectory of
 that tree.
 
 The provided packages have been patched to resolve this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448
 ______________________________________________________________________

 Updated Packages:
  
 ....
Comment 1 Michael Schröder 2005-04-29 14:19:40 UTC 
As with the old bug, I don't think it's worth a security update for old 
versions. We should fix it for SL10/SLES10, though.
Comment 2 Ludwig Nussel 2005-04-29 14:22:47 UTC 
ok
Comment 3 Marcus Meissner 2005-08-25 06:41:50 UTC 
is it fixed Micha?
Comment 4 Michael Schröder 2005-08-25 10:21:53 UTC 
Good point, forgot to close the bug. Thanks.
Comment 5 Thomas Biege 2009-10-13 21:20:22 UTC 
CVE-2005-0448: CVSS v2 Base Score: 1.2 (AV:L/AC:H/Au:N/C:N/I:P/A:N)