Perl 5.x – Digest Module ‘Digest->new()’ Code Injection

• Exploit Database
• 122 阅读

• 作者： anonymous
  日期： 2011-10-02
• 类别：

  • remote
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/36199/
• 1 2 3 4 5 6 7 8 9 10

  source: https://www.securityfocus.com/bid/49911/info   The Digest module for Perl is prone to a vulnerability that will let attackers inject and execute arbitrary Perl code.   Remote attackers can exploit this issue to run arbitrary code in the context of the affected application.   Digest versions prior to 1.17 are affected.   Digest->new("::MD5lprint 'ownaide\n';exit(1);");