https://www.exploit-db.com/exploits/24128
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-785

Perl是流行的跨平台编程语言。ActiveStatePerl和Perlforcygwin在传递数据给Perlsystem()函数调用时缺少正确边界缓冲区检查，远程攻击者可以利用这个漏洞以调用应用程序进程在系统上执行任意指令。提交超长数据作为system()函数参数，会导致发生缓冲区溢出，精心构建提交数据可能以调用应用程序进程在系统上执行任意指令。

source: http://www.securityfocus.com/bid/10375/info

ActiveState Perl and Perl for cygwin are both reported to be prone to a buffer overflow vulnerability. 

The issue is reported to exist due to a lack of sufficient bounds checking that is performed on data that is passed to a Perl system() function call. This vulnerability may permit an attacker to influence execution flow of a vulnerable Perl script to ultimately execute arbitrary code. Arbitrary code execution will occur in the context of the user who is running the malicious Perl script.

perl -e "$a="A" x 256; system($a)"

来源:XF
名称:perl-system-bo(16169)
链接:http://xforce.iss.net/xforce/xfdb/16169
来源:BID
名称:10375
链接:http://www.securityfocus.com/bid/10375
来源:www.perlmonks.org
链接:http://www.perlmonks.org/index.pl?node_id=354145
来源:www.oliverkarow.de
链接:http://www.oliverkarow.de/research/ActivePerlSystemBOF.txt
来源:FULLDISC
名称:20040518Re:BufferOverflowinActivePerl?
链接:http://marc.theaimsgroup.com/?l=full-disclosure&m;=108489112131099&w;=2
来源:FULLDISC
名称:20040517RE:BufferOverflowinActivePerl?
链接:http://marc.theaimsgroup.com/?l=full-disclosure&m;=108483058514596&w;=2
来源:FULLDISC
名称:20040517BufferOverflowinActivePerl?
链接:http://marc.theaimsgroup.com/?l=full-disclosure&m;=108482796105922&w;=2
来源:BUGTRAQ
名称:20040518RE:[Full-Disclosure]Re:BufferOverflowinActivePerl?
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108489894009025&w;=2
来源:FULLDISC
名称:20040518Re[2]:[Full-Disclosure]BufferOverflowinActivePerl?
链接:http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0905.html
来源：NSFOCUS
名称：6463
链接：http://www.nsfocus.net/