Perl 'rmdir()' Local Race Condition Privilege Escalation Vulnerability

info
discussion
exploit
solution
references

Perl 'rmdir()' Local Race Condition Privilege Escalation Vulnerability

Perl is reported prone to a local race-condition vulnerability. The issue resides in the 'rmtree()' function provided by the 'File::Path.pm' module.

A successful attack may allow an attacker to gain elevated privileges on a vulnerable computer.

UPDATE (December 2, 2008): This issue has been reported in Perl 5.8.8 and 5.10.