The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Perl | Perl | 5.10.0 (including) | 5.10.0 (including) |
| Perl | Perl | 5.10.0-rc1 (including) | 5.10.0-rc1 (including) |
| Perl | Perl | 5.10.0-rc2 (including) | 5.10.0-rc2 (including) |
| Perl | Perl | 5.10.1 (including) | 5.10.1 (including) |
| Perl | Perl | 5.10.1-rc1 (including) | 5.10.1-rc1 (including) |
| Perl | Perl | 5.10.1-rc2 (including) | 5.10.1-rc2 (including) |
| Red Hat Enterprise Linux 6 | RedHat | perl-4:5.10.1-119.el6 | * |
| Perl | Ubuntu | karmic | * |
| Perl | Ubuntu | lucid | * |
| Perl | Ubuntu | maverick | * |
| Perl | Ubuntu | natty | * |
| Perl | Ubuntu | upstream | * |
References
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- http://openwall.com/lists/oss-security/2011/04/01/3
- http://openwall.com/lists/oss-security/2011/04/04/35
- http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99
- http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336
- http://secunia.com/advisories/43921
- http://secunia.com/advisories/44168
- http://www.debian.org/security/2011/dsa-2265
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:091
- http://www.securityfocus.com/bid/47124
- https://bugzilla.redhat.com/show_bug.cgi?id=692844
- https://bugzilla.redhat.com/show_bug.cgi?id=692898
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66528
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- http://openwall.com/lists/oss-security/2011/04/01/3
- http://openwall.com/lists/oss-security/2011/04/04/35
- http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99
- http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336
- http://secunia.com/advisories/43921
- http://secunia.com/advisories/44168
- http://www.debian.org/security/2011/dsa-2265
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:091
- http://www.securityfocus.com/bid/47124
- https://bugzilla.redhat.com/show_bug.cgi?id=692844
- https://bugzilla.redhat.com/show_bug.cgi?id=692898
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66528