CVE-2011-0761

Perl 5.10.x DoS via NULL Pointer Dereference in getpeername, readdir, closedir, getsockname, rewinddir, tell, or telldir

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-0761. PoCs published by Jonathan Brossard.

AI-analyzed exploit summary This exploit triggers a NULL-pointer dereference in Perl 5.10.x by passing malformed arguments to the `getsockname` function, leading to a segmentation fault and denial of service.

Description

Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jonathan Brossard · perldosmultiple

https://www.exploit-db.com/exploits/35725

View Code ZIP pw:eip

This exploit triggers a NULL-pointer dereference in Perl 5.10.x by passing malformed arguments to the `getsockname` function, leading to a segmentation fault and denial of service.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Perl 5.10.x

No auth needed

Prerequisites: Perl 5.10.x installed on the target system

MITRE ATT&CK