Unrated severityNVD Advisory· Published Feb 7, 2005· Updated Apr 16, 2026
CVE-2005-0156
CVE-2005-0156
Description
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
Affected products
32cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
15- www.redhat.com/support/errata/RHSA-2005-103.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-105.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/12426nvdPatchVendor Advisory
- www.trustix.org/errata/2005/0003/nvdPatchVendor Advisory
- www.gentoo.org/security/en/glsa/glsa-200502-13.xmlnvdExploitVendor Advisory
- distro.conectiva.com.br/atualizacoes/nvd
- fedoranews.org/updates/FEDORA--.shtmlnvd
- marc.infonvd
- marc.infonvd
- secunia.com/advisories/14120nvd
- secunia.com/advisories/55314nvd
- www.digitalmunition.com/DMA%5B2005-0131b%5D.txtnvd
- www.mandriva.com/security/advisoriesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/19208nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803nvd
News mentions
0No linked articles in our index yet.