CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2012-6329

The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.
Publish Date : 2013-01-04 Last Update Date : 2016-12-07
Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

CVSS Score
7.5
Confidentiality Impact Partial (There is considerable informational disclosure.)
Integrity Impact Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Execute Code
CWE ID 94

- Related OVAL Definitions

Title Definition Id Class Family
DEPRECATED: ELSA-2013-0685 -- perl security update (moderate) oval:org.mitre.oval:def:27634 unix
DEPRECATED: ELSA-2013:0685: perl security update (Moderate) oval:org.mitre.oval:def:23419 unix
ELSA-2013:0685: perl security update (Moderate) oval:org.mitre.oval:def:23712 unix
RHSA-2013:0685: perl security update (Moderate) oval:org.mitre.oval:def:20994 unix
RHSA-2013:0685: perl security update (Moderate) oval:com.redhat.rhsa:def:20130685 unix
Security vulnerability in Perl for AIX oval:org.mitre.oval:def:24564 unix
SUSE-SU-2013:0441-1 -- Security update for Perl oval:org.mitre.oval:def:26263 unix
SUSE-SU-2013:0442-1 -- Security update for Perl oval:org.mitre.oval:def:26050 unix
USN-2099-1 -- perl vulnerability oval:org.mitre.oval:def:22490 unix
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2012-6329

# Product Type Vendor Product Version Update Edition Language
1 Application Perl Perl 5.10 Version Details Vulnerabilities
2 Application Perl Perl 5.10.0 RC2 Version Details Vulnerabilities
3 Application Perl Perl 5.10.0 Version Details Vulnerabilities
4 Application Perl Perl 5.10.0 RC1 Version Details Vulnerabilities
5 Application Perl Perl 5.10.1 RC2 Version Details Vulnerabilities
6 Application Perl Perl 5.10.1 RC1 Version Details Vulnerabilities
7 Application Perl Perl 5.10.1 Version Details Vulnerabilities
8 Application Perl Perl 5.11.0 Version Details Vulnerabilities
9 Application Perl Perl 5.11.1 Version Details Vulnerabilities
10 Application Perl Perl 5.11.2 Version Details Vulnerabilities
11 Application Perl Perl 5.11.3 Version Details Vulnerabilities
12 Application Perl Perl 5.11.4 Version Details Vulnerabilities
13 Application Perl Perl 5.11.5 Version Details Vulnerabilities
14 Application Perl Perl 5.12.0 RC4 Version Details Vulnerabilities
15 Application Perl Perl 5.12.0 RC1 Version Details Vulnerabilities
16 Application Perl Perl 5.12.0 Version Details Vulnerabilities
17 Application Perl Perl 5.12.0 RC2 Version Details Vulnerabilities
18 Application Perl Perl 5.12.0 RC0 Version Details Vulnerabilities
19 Application Perl Perl 5.12.0 RC3 Version Details Vulnerabilities
20 Application Perl Perl 5.12.0 RC5 Version Details Vulnerabilities
21 Application Perl Perl 5.12.1 Version Details Vulnerabilities
22 Application Perl Perl 5.12.1 RC2 Version Details Vulnerabilities
23 Application Perl Perl 5.12.1 RC1 Version Details Vulnerabilities
24 Application Perl Perl 5.12.2 Version Details Vulnerabilities
25 Application Perl Perl 5.12.2 RC1 Version Details Vulnerabilities
26 Application Perl Perl 5.12.3 RC3 Version Details Vulnerabilities
27 Application Perl Perl 5.12.3 RC2 Version Details Vulnerabilities
28 Application Perl Perl 5.12.3 RC1 Version Details Vulnerabilities
29 Application Perl Perl 5.12.3 Version Details Vulnerabilities
30 Application Perl Perl 5.13.0 Version Details Vulnerabilities
31 Application Perl Perl 5.13.1 Version Details Vulnerabilities
32 Application Perl Perl 5.13.2 Version Details Vulnerabilities
33 Application Perl Perl 5.13.3 Version Details Vulnerabilities
34 Application Perl Perl 5.13.4 Version Details Vulnerabilities
35 Application Perl Perl 5.13.5 Version Details Vulnerabilities
36 Application Perl Perl 5.13.6 Version Details Vulnerabilities
37 Application Perl Perl 5.13.7 Version Details Vulnerabilities
38 Application Perl Perl 5.13.8 Version Details Vulnerabilities
39 Application Perl Perl 5.13.9 Version Details Vulnerabilities
40 Application Perl Perl 5.13.10 Version Details Vulnerabilities
41 Application Perl Perl 5.13.11 Version Details Vulnerabilities
42 Application Perl Perl 5.14.0 RC1 Version Details Vulnerabilities
43 Application Perl Perl 5.14.0 Version Details Vulnerabilities
44 Application Perl Perl 5.14.0 RC3 Version Details Vulnerabilities
45 Application Perl Perl 5.14.0 RC2 Version Details Vulnerabilities
46 Application Perl Perl 5.14.1 Version Details Vulnerabilities
47 Application Perl Perl 5.14.2 Version Details Vulnerabilities
48 Application Perl Perl 5.14.3 Version Details Vulnerabilities
49 Application Perl Perl 5.16.0 Version Details Vulnerabilities
50 Application Perl Perl 5.16.1 Version Details Vulnerabilities
51 Application Perl Perl 5.16.2 Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Perl Perl 51

- References For CVE-2012-6329

http://code.activestate.com/lists/perl5-porters/187746/
MLIST [perl5-porters] 20121205 security notice: Locale::Maketext
http://www.ubuntu.com/usn/USN-2099-1
UBUNTU USN-2099-1
http://www.securityfocus.com/bid/56950
BID 56950 TWiki and Foswiki 'MAKETEXT' Variable Multiple Security Vulnerabilities Release Date:2016-07-29
http://www.mandriva.com/security/advisories?name=MDVSA-2013:113
MANDRIVA MDVSA-2013:113
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html CONFIRM
http://openwall.com/lists/oss-security/2012/12/11/4
MLIST [oss-security] 20121211 Re: CVE request: perl-modules
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0032 CONFIRM
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329 CONFIRM
http://sourceforge.net/mailarchive/message.php?msg_id=30219695
MLIST [foswiki-announce] 20121212 Security Alert CVE-2012-6329: Foswiki MAKETEXT Variable Allows Arbitrary Shell Command Execution
http://rhn.redhat.com/errata/RHSA-2013-0685.html
REDHAT RHSA-2013:0685
http://perl5.git.perl.org/perl.git/blob/HEAD:/pod/perl5177delta.pod CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=884354
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 CONFIRM
http://code.activestate.com/lists/perl5-porters/187763/
MLIST [perl5-porters] 20121205 Re: security notice: Locale::Maketext
http://perl5.git.perl.org/perl.git/commit/1735f6f53ca19f99c6e9e39496c486af323ba6a8 CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224 CONFIRM

- Metasploit Modules Related To CVE-2012-6329

Foswiki MAKETEXT Remote Command Execution
This module exploits a vulnerability in the MAKETEXT Foswiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since the input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. Only Foswiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set) are vulnerable. If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the FoswikiPage option isn't provided, the module will try to create a random page on the SandBox space. The modules has been tested successfully on Foswiki 1.1.5 as distributed with the official Foswiki-1.1.5-vmware image.
Module type : exploit Rank : excellent Platforms : Unix
TWiki MAKETEXT Remote Command Execution
This module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set). If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the 'TwikiPage' option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.
Module type : exploit Rank : excellent Platforms : Unix


CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.