All the vulnerabilites related to ralf_s._engelschall - eperl
cve-1999-1437
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=90221104525890&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/151 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=90221104525927&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980707 ePerl: bad handling of ISINDEX queries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525890\u0026w=2"
},
{
"name": "151",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/151"
},
{
"name": "19980710 ePerl Security Update Available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525927\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980707 ePerl: bad handling of ISINDEX queries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525890\u0026w=2"
},
{
"name": "151",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/151"
},
{
"name": "19980710 ePerl Security Update Available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525927\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980707 ePerl: bad handling of ISINDEX queries",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525890\u0026w=2"
},
{
"name": "151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/151"
},
{
"name": "19980710 ePerl Security Update Available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525927\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1437",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0458
Vulnerability from cvelistv5
Published
2001-05-24 04:00
Modified
2024-08-08 04:21
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6198 | vdb-entry, x_refsource_XF | |
| http://www.debian.org/security/2001/dsa-034 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.novell.com/linux/security/advisories/2001_008_eperl.html | vendor-advisory, x_refsource_SUSE | |
| http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.securityfocus.com/bid/2464 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:38.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linux-eperl-bo(6198)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6198"
},
{
"name": "DSA-034",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2001/dsa-034"
},
{
"name": "SuSE-SA:2001:08",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2001_008_eperl.html"
},
{
"name": "MDKSA-2001:027",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3"
},
{
"name": "2464",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2464"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linux-eperl-bo(6198)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6198"
},
{
"name": "DSA-034",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2001/dsa-034"
},
{
"name": "SuSE-SA:2001:08",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2001_008_eperl.html"
},
{
"name": "MDKSA-2001:027",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3"
},
{
"name": "2464",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2464"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linux-eperl-bo(6198)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6198"
},
{
"name": "DSA-034",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-034"
},
{
"name": "SuSE-SA:2001:08",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2001_008_eperl.html"
},
{
"name": "MDKSA-2001:027",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3"
},
{
"name": "2464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2464"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0458",
"datePublished": "2001-05-24T04:00:00",
"dateReserved": "2001-05-24T00:00:00",
"dateUpdated": "2024-08-08T04:21:38.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0733
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
EPSS score ?
Summary
The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the 'sinclude' file to point to another file that contains a #include directive that references a file that contains the code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/2912 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/192711 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6743 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2912"
},
{
"name": "20010621 bugtraq submission",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/192711"
},
{
"name": "eperl-embedded-code-execution(6743)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6743"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the \u0027sinclude\u0027 file to point to another file that contains a #include directive that references a file that contains the code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2912"
},
{
"name": "20010621 bugtraq submission",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/192711"
},
{
"name": "eperl-embedded-code-execution(6743)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6743"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the \u0027sinclude\u0027 file to point to another file that contains a #include directive that references a file that contains the code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2912"
},
{
"name": "20010621 bugtraq submission",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/192711"
},
{
"name": "eperl-embedded-code-execution(6743)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6743"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0733",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
1998-07-07 04:00
Modified
2024-11-20 23:31
Severity ?
Summary
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ralf_s._engelschall | eperl | 2.2.12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEFD4F6-73A1-4011-ABAE-5C5E86CB535A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml."
}
],
"id": "CVE-1999-1437",
"lastModified": "2024-11-20T23:31:06.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-07-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525890\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525927\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525890\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525927\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/151"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-06-27 04:00
Modified
2024-11-20 23:35
Severity ?
Summary
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ralf_s._engelschall | eperl | 2.2.12 | |
| ralf_s._engelschall | eperl | 2.2.13 | |
| debian | debian_linux | 2.2 | |
| mandrakesoft | mandrake_linux | 7.1 | |
| mandrakesoft | mandrake_linux | 7.2 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEFD4F6-73A1-4011-ABAE-5C5E86CB535A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D88BA-5427-4A46-942C-C93679C9D808",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands."
}
],
"id": "CVE-2001-0458",
"lastModified": "2024-11-20T23:35:24.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-06-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-034"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2001_008_eperl.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2464"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2001_008_eperl.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6198"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2024-11-20 23:36
Severity ?
Summary
The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the 'sinclude' file to point to another file that contains a #include directive that references a file that contains the code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ralf_s._engelschall | eperl | * | |
| ralf_s._engelschall | eperl | 2.0 | |
| ralf_s._engelschall | eperl | 2.0.1 | |
| ralf_s._engelschall | eperl | 2.0.2 | |
| ralf_s._engelschall | eperl | 2.0.3 | |
| ralf_s._engelschall | eperl | 2.1 | |
| ralf_s._engelschall | eperl | 2.1.1 | |
| ralf_s._engelschall | eperl | 2.1.2 | |
| ralf_s._engelschall | eperl | 2.2 | |
| ralf_s._engelschall | eperl | 2.2.1 | |
| ralf_s._engelschall | eperl | 2.2.2 | |
| ralf_s._engelschall | eperl | 2.2.3 | |
| ralf_s._engelschall | eperl | 2.2.4 | |
| ralf_s._engelschall | eperl | 2.2.5 | |
| ralf_s._engelschall | eperl | 2.2.6 | |
| ralf_s._engelschall | eperl | 2.2.7 | |
| ralf_s._engelschall | eperl | 2.2.8 | |
| ralf_s._engelschall | eperl | 2.2.9 | |
| ralf_s._engelschall | eperl | 2.2.10 | |
| ralf_s._engelschall | eperl | 2.2.11 | |
| ralf_s._engelschall | eperl | 2.2.12 | |
| ralf_s._engelschall | eperl | 2.2.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "473F4845-AB3F-4120-BA45-B18E3CE3A790",
"versionEndIncluding": "2.2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17CD8EFB-0D55-4E6A-8670-569A46C8FEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3396BE28-B4E5-44A0-85D4-EB7761938FE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D69A7D12-1C56-414E-BDE8-EC7BF911268D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B30235AE-3FA3-4E4C-A472-88C3FB6BA0C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7D5A87-ACF8-4F96-A3FA-43824EE921E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92DFC2BC-20A0-43E1-811A-84AC757765D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "17F9521F-3EB1-484E-95E1-8DE94CBC965D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6929EB60-B8E1-46EE-A6C3-1113870E0010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF83932-5764-4E96-B82F-4C516DF7C04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8188B5-FF0E-4A5F-BDF7-B55ABD2ED8AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E9AD92A-36FA-45D1-9511-4A4702A57B8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C92C1B2D-7294-4851-B56C-040697ED4F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "27C68020-0A8A-4024-A411-2E0C6897E409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "97177077-1779-4FC8-AFBA-F8017B1D6516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0C283D-2311-4AC3-A6AA-5E0624DAE1D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "04543544-0550-4B78-9D4F-8A78FCA0B17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4D087909-F3DF-4493-A4B6-CDE5A3218FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4A5C2823-50A7-4605-827F-8C23CCDBB689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0484C322-C5F5-494E-A362-361807A3ADF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEFD4F6-73A1-4011-ABAE-5C5E86CB535A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ralf_s._engelschall:eperl:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D88BA-5427-4A46-942C-C93679C9D808",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the \u0027sinclude\u0027 file to point to another file that contains a #include directive that references a file that contains the code."
}
],
"id": "CVE-2001-0733",
"lastModified": "2024-11-20T23:36:01.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/192711"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2912"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/192711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6743"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}