|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Rain Forest Puppy (rfp_at_vulnwatch.org)
Date: Tue Nov 05 2002 - 23:59:18 CST
A bug was found in Perl's Safe.pm module:
http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5
Basically, code in the sandbox can modify the execution/operation mask via
_; if the compartment was ever reused, the second time around it might
use the modified execution mask.
Perl <= 5.8.0 are vuln.
- rfp
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]