Perl Config::IniFiles Module Insecure Temporary File Creation Vulnerability

The Config::IniFiles module of Perl is prone to a vulnerability because it creates temporary files in an insecure manner.

Successfully mounting a symlink attack may allow the attacker to corrupt sensitive files or gain access to sensitive information. Other attacks may also be possible.

Config::IniFiles versions prior to 2.71 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus