OSVDB ID: 25974
Disclosure Date: Jun 5, 2006

Description:

ActiveState ActivePerl contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the attacker creates a malicious 'sitecustomize.pl' file in the 'site/lib' directory. This flaw may lead to a loss of integrity.

Technical Description:

This issue can only be exploited on Windows operating systems.

The issue is caused due to a combination of insecure use of the 'sitecustomize.pl' file and insecure default directory permissions granting Users group to create files in 'site/lib' directory. This issue allows local attackers to execute Perl script code with the privileges of other users executing ActivePerl.

Vulnerability Classification:

* Local/Shell Access Required
* Misconfiguration Problem
* Loss Of Integrity
* Exploit Available

Products:

* ActiveState ActivePerl 5.8.8.817

Solution:

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds:

1. Create an empty sitecustomize.pl in the 'site/lib' directory.
2. Always run ActivePerl with the '-f' command line option.