{"id":3308,"date":"2004-04-07T17:16:57","date_gmt":"2004-04-07T15:16:57","guid":{"rendered":"https:\/\/destinationcyber.com\/?p=3308"},"modified":"2004-04-07T17:16:57","modified_gmt":"2004-04-07T15:16:57","slug":"le-langage-perl-menace-un-nouveau-genre-de-virus","status":"publish","type":"post","link":"https:\/\/destinationcyber.com\/?p=3308","title":{"rendered":"Le langage Perl menac\u00e9? Un nouveau genre de virus…"},"content":{"rendered":"

Une faille dans Perl et ActivePerl peut compromettre un syst\u00e8me en le rendant vuln\u00e9rable<\/p>\n

Il n’y a pas que les syst\u00e8mes d’exploitation ou les navigateurs pour \u00eatre victimes de failles mena\u00e7ant leur int\u00e9grit\u00e9 et les syst\u00e8mes sur lesquels ils \u00e9voluent… les langages peuvent, eux aussi, pr\u00e9senter des faiblesses qui peuvent les rendent vuln\u00e9rables.<\/p>\n

Perl, le c\u00e9l\u00e8bre langage libre qui participe depuis plusieurs ann\u00e9es au d\u00e9veloppement du Web dynamique, ainsi qu’ActivePerl, pr\u00e9sentent eux aussi une faille de s\u00e9curit\u00e9.<\/p>\n

Une erreur binaire dans la fonction ‘win32_stat()’ permet en effet de saturer la m\u00e9moire du syst\u00e8me en lui soumettant un nom de fichier particuli\u00e8rement long et termin\u00e9 par un caract\u00e8re anti-slash \u00ab\u00a0\\\u00a0\u00bb.<\/p>\n

L’exploitation de la faille permet alors d’ex\u00e9cuter sur un serveur Web un code arbitraire qui rend possible l’affichage des mots de passe dans un script Perl.<\/p>\n

La faille a \u00e9t\u00e9 corrig\u00e9e avec la version Perl 5.8.4.<\/p>\n

[source – Silicon.fr] <\/p>\n","protected":false},"excerpt":{"rendered":"

Une faille dans Perl et ActivePerl peut compromettre un syst\u00e8me en le rendant vuln\u00e9rable<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_citadela_custom_class":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-3308","post","type-post","status-publish","format-standard","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/3308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3308"}],"version-history":[{"count":0,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/3308\/revisions"}],"wp:attachment":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}