A remote code execution vulnerability exists in Microsoft Agent in the way that it handles certain specially crafted URLs. The risk is HIGH. Remote code execution.
Agent::Driver::Default(3pm) User Contributed Perl Documentation Agent::Driver::Default(3pm)NAME
Log::Agent::Driver::Default - default logging driver for Log::Agent
SYNOPSIS
# Implicit use
use Log::Agent;
logconfig(-prefix => "prefix"); # optional
# Explicit use
use Log::Agent;
require Log::Agent::Driver::Default;
my $driver = Log::Agent::Driver::Default->make("prefix");
logconfig(-driver => $driver);
DESCRIPTION
The default logging driver remaps the logxxx() operations to their default Perl counterpart. For instance, logerr() will issue a warn() and
logwarn() will call warn() with a clear "WARNING: " emphasis (to distinguish between the two calls).
The only routine of interest here is the creation routine:
make($prefix)
Create a Log::Agent::Driver::Default driver whose prefix string will be $prefix. When no prefix is configured, the first letter of each
logged string will be uppercased.
CHANNELS
The "error", "output" and "debug" channels all go to STDERR.
BUGS
If logdie() is used within an eval(), the string you will get in $@ will be prefixed. It's not really a bug, simply that wrapping a code
into eval() and parsing $@ is poor's man exception handling which shows its limit here: since the programmer using logdie() cannot foresee
which driver will be used, the returned string cannot be determined precisely. Morality: use die() if you mean it, and document the string
as an exception.
AUTHOR
Raphael Manfredi <Raphael_Manfredi@pobox.com>
SEE ALSO Log::Agent::Driver(3), Log::Agent(3).
perl v5.10.0 2009-07-23 Agent::Driver::Default(3pm)