CVE-2012-6329

TWiki MAKETEXT Remote Command Execution

Title source: metasploit

Description

The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.

Exploits (3)

metasploit WORKING POC EXCELLENT

by George Clark, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/twiki_maketext.rb

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremoteunix

https://www.exploit-db.com/exploits/23579

View Code ZIP pw:eip

exploitdb WORKING POC

rubyremoteunix

https://www.exploit-db.com/exploits/23580

View on exploitdb

References (17)

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-0685.html

[Issue Tracking] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224

[Various Sources] http://code.activestate.com/lists/perl5-porters/187746/

[Various Sources] http://code.activestate.com/lists/perl5-porters/187763/

[Vendor Advisory] http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

[Vendor Advisory] http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

[Various Sources] http://perl5.git.perl.org/perl.git/blob/HEAD:/pod/perl5177delta.pod

[Patch] http://perl5.git.perl.org/perl.git/commit/1735f6f53ca19f99c6e9e39496c486af323ba6a8

[Product] http://sourceforge.net/mailarchive/message.php?msg_id=30219695

[Various Sources] http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2013:113

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

[Vendor Advisory] http://www.ubuntu.com/usn/USN-2099-1

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=884354

[Third Party Advisory] https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0032

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/56950

[Mailing List] http://openwall.com/lists/oss-security/2012/12/11/4

Scores

EPSS 0.8335

EPSS Percentile 99.3%

Classification

CWE

CWE-94

Status draft

Affected Products (50)

perl/perl < 5.16.2

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

perl/perl

... and 35 more

Timeline

Published Jan 04, 2013

Tracked Since Feb 18, 2026