[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Omaha.pm] Perl security flaw?

To: omaha-pm@pm.org
Subject: [Omaha.pm] Perl security flaw?
From: "Daniel Linder" <dan@linder.org>
Date: Wed, 30 Nov 2005 16:59:23 -0600 (CST)
Delivered-to: mailman-omaha-pm@mailman.pm.dev
Delivered-to: omaha-pm@pm.org
Importance: Normal
List-archive: <http://mail.pm.org/pipermail/omaha-pm>
List-help: <mailto:omaha-pm-request@pm.org?subject=help>
List-id: "Perl Mongers of Omaha, Nebraska USA" <omaha-pm.pm.org>
List-post: <mailto:omaha-pm@pm.org>
List-subscribe: <http://mail.pm.org/mailman/listinfo/omaha-pm>, <mailto:omaha-pm-request@pm.org?subject=subscribe>
List-unsubscribe: <http://mail.pm.org/mailman/listinfo/omaha-pm>, <mailto:omaha-pm-request@pm.org?subject=unsubscribe>
Reply-to: dan@linder.org, "Perl Mongers of Omaha, Nebraska USA" <omaha-pm@pm.org>
User-agent: SquirrelMail/1.4.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Saw this on NetworkWorld...

http://www.networkworld.com/news/2005/113005-perl-flaw.html

It's too vaigue to help any, but it sounds like the classic use of un-checked user input being executed directly by the interperter (Perl or otherwise).

Anyone heard anything more?

Dan

- - - - -
"Wait for that wisest of all counselors, time." -- Pericles
"I do not fear computers, I fear the lack of them." -- Isaac Asimov
GPG fingerprint:6FFD DB94 7B96 0FD8 EADF 2EE0 B2B0 CC47 4FDE 9B68 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDji7LsrDMR0/em2gRAgjSAKC1RFU6ndhXc5iZNq4YrcpA5r0ERwCggn/3 Q3mwX13lUtqkRMepSk1DT6M= =ogxg -----END PGP SIGNATURE-----

Follow-Ups:
- Re: [Omaha.pm] Perl security flaw?
  - From: Sidney B <sidney.omaha.pm@gmail.com>
- Re: [Omaha.pm] Perl security flaw?
  - From: Andy Lester <andy@petdance.com>

Prev by Date: [Omaha.pm] quickie: GMT time via Date::Calc
Next by Date: Re: [Omaha.pm] Perl security flaw?
Previous by thread: [Omaha.pm] quickie: GMT time via Date::Calc
Next by thread: Re: [Omaha.pm] Perl security flaw?
Index(es):
- Date
- Thread