CVE-2012-6329

TWiki MAKETEXT Remote Command Execution

Title source: metasploit

Description

The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremoteunix

https://www.exploit-db.com/exploits/23579

View Code ZIP pw:eip

exploitdb WORKING POC

rubyremoteunix

https://www.exploit-db.com/exploits/23580

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by George Clark, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/twiki_maketext.rb

View Code ZIP pw:eip

References (17)

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-0685.html

[Issue Tracking] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224

[Various Sources] http://code.activestate.com/lists/perl5-porters/187746/

[Various Sources] http://code.activestate.com/lists/perl5-porters/187763/

[Vendor Advisory] http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

[Vendor Advisory] http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

[Various Sources] http://perl5.git.perl.org/perl.git/blob/HEAD:/pod/perl5177delta.pod

[Patch] http://perl5.git.perl.org/perl.git/commit/1735f6f53ca19f99c6e9e39496c486af323ba6a8

[Product] http://sourceforge.net/mailarchive/message.php?msg_id=30219695

[Various Sources] http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2013:113

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

[Vendor Advisory] http://www.ubuntu.com/usn/USN-2099-1

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=884354

[Third Party Advisory] https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0032

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/56950

[Mailing List] http://openwall.com/lists/oss-security/2012/12/11/4

Scores

EPSS 0.8197

EPSS Percentile 99.2%

Details

CWE

CWE-94

Status published

Products (31)

perl/perl 5.10

perl/perl 5.10.0 (3 CPE variants)

perl/perl 5.10.1 (3 CPE variants)

perl/perl 5.11.0

perl/perl 5.11.1

perl/perl 5.11.2

perl/perl 5.11.3

perl/perl 5.11.4

perl/perl 5.11.5

perl/perl 5.12.0 (7 CPE variants)

... and 21 more

Published Jan 04, 2013

Tracked Since Feb 18, 2026