Perl 5.x – Digest Module ‘Digest->new()’ Code Injection

Exploit Database
13 阅读

作者： anonymous

日期： 2011-10-02
类别：
- remote
平台：
- linux
来源：https://www.exploit-db.com/exploits/36199/

source: https://www.securityfocus.com/bid/49911/info

The Digest module for Perl is prone to a vulnerability that will let attackers inject and execute arbitrary Perl code.

Remote attackers can exploit this issue to run arbitrary code in the context of the affected application.

Digest versions prior to 1.17 are affected. 

Digest->new("::MD5lprint 'ownaide\n';exit(1);");

last Exploits
Perl 5.x – Digest Module ‘Digest->new()’ Code Injection的更多信息

Microsoft Internet Explorer – MSHTML!CObjectElement Use-After-Free (MS11-050) (Metasploit)：
Citrix Access Gateway – Command Execution (Metasploit)：
Kolibri WebServer 2.0 – Remote Buffer Overflow (EMET 5.0 / EMET 4.1 Partial Bypass)：
Apache Struts 2.5 < 2.5.12 - REST Plugin XStream Remote Code Execution：
WebExec – (Authenticated) User Code Execution (Metasploit)：
Petrol Pump Management Software v1.0 – ‘Address’ Stored Cross Site Scripting：
MIT Kerberos 5 – ‘src/kdc/do_tgs_req.c’ Ticket Renewal Double-Free Memory Corruption：
CA Unified Infrastructure Management Nimsoft 7.80 – Remote Buffer Overflow：