header-logo
Suggest Exploit
vendor:
Digest
by:
Unknown
7.5
CVSS
HIGH
Arbitrary Code Execution
94
CWE
Product Name: Digest
Affected Version From: Unknown
Affected Version To: 1.16
Patch Exists: NO
Related CWE: Unknown
CPE: a:perl:digest
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Arbitrary Code Execution in Digest Module for Perl

The Digest module for Perl is prone to a vulnerability that will let attackers inject and execute arbitrary Perl code. Remote attackers can exploit this issue to run arbitrary code in the context of the affected application.

Mitigation:

Upgrade to Digest version 1.17 or later.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/49911/info

The Digest module for Perl is prone to a vulnerability that will let attackers inject and execute arbitrary Perl code.

Remote attackers can exploit this issue to run arbitrary code in the context of the affected application.

Digest versions prior to 1.17 are affected. 

Digest->new("::MD5lprint 'ownaide\n';exit(1);");

Navigation

Suggest Exploit

Services By CQR