The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| malcolm_nooning | pirpc | * |
| malcolm_nooning | pirpc | 0.2003 |
| malcolm_nooning | pirpc | 0.2018 |
| malcolm_nooning | pirpc | 0.2010 |
| malcolm_nooning | pirpc | 0.2011 |
| malcolm_nooning | pirpc | 0.2013 |
| malcolm_nooning | pirpc | 0.2002 |
| malcolm_nooning | pirpc | 0.2012 |
| malcolm_nooning | pirpc | 0.2016 |
| malcolm_nooning | pirpc | 0.2014 |
| malcolm_nooning | pirpc | 0.2000 |
| malcolm_nooning | pirpc | 0.2001 |
| malcolm_nooning | pirpc | 0.2019 |
| malcolm_nooning | pirpc | 0.2017 |