{"cve": [{"lastseen": "2021-02-02T05:35:18", "description": "Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.", "edition": 4, "cvss3": {}, "published": "2008-12-01T17:30:00", "title": "CVE-2008-5302", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5302"], "modified": "2018-10-11T20:54:00", "cpe": ["cpe:/a:perl:file\\:\\"], "id": "CVE-2008-5302", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5302", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:perl:file\\:\\:path:2.07:*:*:*:*:*:*:*", "cpe:2.3:a:perl:file\\:\\:path:1.08:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-17T14:03:39", "description": "This perl update fixes a race condition in rmtree. (CVE-2008-5302)", "edition": 21, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : perl (perl-482)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302"], "modified": "2009-07-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:perl", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:perl-base", "p-cpe:/a:novell:opensuse:perl-32bit"], "id": "SUSE_11_0_PERL-090128.NASL", "href": "https://www.tenable.com/plugins/nessus/40105", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update perl-482.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40105);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5302\");\n\n script_name(english:\"openSUSE Security Update : perl (perl-482)\");\n script_summary(english:\"Check for the perl-482 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"This perl update fixes a race condition in rmtree. (CVE-2008-5302)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=450385\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected perl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-base\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"perl-5.10.0-37.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"perl-base-5.10.0-37.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"perl-32bit-5.10.0-37.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:52:43", "description": "Multiple vulnerabilities has been discovered and corrected in Path.pm\nand Safe.pm which could lead to escalated privilegies (CVE-2008-5302,\nCVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages\nhave been patched to correct these issues.", "edition": 25, "published": "2010-06-14T00:00:00", "title": "Mandriva Linux Security Advisory : perl (MDVSA-2010:116)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "modified": "2010-06-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:perl-base", "p-cpe:/a:mandriva:linux:perl-suid", "p-cpe:/a:mandriva:linux:perl-doc", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:perl-devel", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:perl"], "id": "MANDRIVA_MDVSA-2010-116.NASL", "href": "https://www.tenable.com/plugins/nessus/46878", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:116. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46878);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2008-5302\",\n \"CVE-2008-5303\",\n \"CVE-2010-1168\",\n \"CVE-2010-1447\"\n );\n script_bugtraq_id(\n 12767,\n 40302,\n 40305\n );\n script_xref(name:\"MDVSA\", value:\"2010:116\");\n\n script_name(english:\"Mandriva Linux Security Advisory : perl (MDVSA-2010:116)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in Path.pm\nand Safe.pm which could lead to escalated privilegies (CVE-2008-5302,\nCVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages\nhave been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-suid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-5.8.8-12.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-base-5.8.8-12.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-devel-5.8.8-12.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-doc-5.8.8-12.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-suid-5.8.8-12.3mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"perl-5.10.1-3.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"perl-base-5.10.1-3.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"perl-devel-5.10.1-3.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"perl-doc-5.10.1-3.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"perl-suid-5.10.1-3.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:26:21", "description": "Updated perl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick\nCleaton as the original reporter of CVE-2010-1168, and Tim Bunce and\nRafael Garcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file, linked to in the References,\nfor a full list of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path\nmodules must be restarted for this update to take effect.", "edition": 27, "published": "2010-06-14T00:00:00", "title": "CentOS 5 : perl (CESA-2010:0458)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "modified": "2010-06-14T00:00:00", "cpe": ["p-cpe:/a:centos:centos:perl", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:perl-suidperl"], "id": "CENTOS_RHSA-2010-0458.NASL", "href": "https://www.tenable.com/plugins/nessus/46874", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0458 and \n# CentOS Errata and Security Advisory 2010:0458 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46874);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_bugtraq_id(12767, 40302, 40305);\n script_xref(name:\"RHSA\", value:\"2010:0458\");\n\n script_name(english:\"CentOS 5 : perl (CESA-2010:0458)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated perl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick\nCleaton as the original reporter of CVE-2010-1168, and Tim Bunce and\nRafael Garcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file, linked to in the References,\nfor a full list of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path\nmodules must be restarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-June/016716.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bda2c19a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-June/016724.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ed9334b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected perl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-suidperl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"perl-5.8.8-32.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"perl-suidperl-5.8.8-32.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl / perl-suidperl\");\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:07:49", "description": "Updated perl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick\nCleaton as the original reporter of CVE-2010-1168, and Tim Bunce and\nRafael Garcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file, linked to in the References,\nfor a full list of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path\nmodules must be restarted for this update to take effect.", "edition": 29, "published": "2010-06-08T00:00:00", "title": "RHEL 5 : perl (RHSA-2010:0458)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "modified": "2010-06-08T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:perl", "p-cpe:/a:redhat:enterprise_linux:perl-suidperl"], "id": "REDHAT-RHSA-2010-0458.NASL", "href": "https://www.tenable.com/plugins/nessus/46834", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0458. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46834);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_bugtraq_id(12767, 40302, 40305);\n script_xref(name:\"RHSA\", value:\"2010:0458\");\n\n script_name(english:\"RHEL 5 : perl (RHSA-2010:0458)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated perl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick\nCleaton as the original reporter of CVE-2010-1168, and Tim Bunce and\nRafael Garcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file, linked to in the References,\nfor a full list of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path\nmodules must be restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1447\"\n );\n # http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://fastapi.metacpan.org/source/RGARCIA/Safe-2.27/Changes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0458\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl and / or perl-suidperl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-suidperl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0458\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"perl-5.8.8-32.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"perl-5.8.8-32.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"perl-5.8.8-32.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"perl-suidperl-5.8.8-32.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"perl-suidperl-5.8.8-32.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"perl-suidperl-5.8.8-32.el5_5.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl / perl-suidperl\");\n }\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:45:09", "description": "From Red Hat Security Advisory 2010:0458 :\n\nUpdated perl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick\nCleaton as the original reporter of CVE-2010-1168, and Tim Bunce and\nRafael Garcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file, linked to in the References,\nfor a full list of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path\nmodules must be restarted for this update to take effect.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : perl (ELSA-2010-0458)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:perl-suidperl", "p-cpe:/a:oracle:linux:perl"], "id": "ORACLELINUX_ELSA-2010-0458.NASL", "href": "https://www.tenable.com/plugins/nessus/68048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0458 and \n# Oracle Linux Security Advisory ELSA-2010-0458 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68048);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_bugtraq_id(12767, 40302, 40305);\n script_xref(name:\"RHSA\", value:\"2010:0458\");\n\n script_name(english:\"Oracle Linux 5 : perl (ELSA-2010-0458)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0458 :\n\nUpdated perl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick\nCleaton as the original reporter of CVE-2010-1168, and Tim Bunce and\nRafael Garcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file, linked to in the References,\nfor a full list of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path\nmodules must be restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-June/001491.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected perl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-suidperl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"perl-5.8.8-32.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"perl-suidperl-5.8.8-32.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl / perl-suidperl\");\n}\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:44:51", "description": "Perl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file at the following link for a\nfull list of changes.\nhttp://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes\n\nAll applications using the Safe or File::Path modules must be\nrestarted for this update to take effect.\n\nNOTE: SL 50-52 x86_64 releases originally had a perl.i386 package. It\nwas taken out of the x86_64 SL5 distribution and is not part of this\nsecurity update. If you have one of these earlier SL5 x86_64\ndistributions and your perl update does not work due to conflicts, you\nshould do a 'yum remove perl.i386' before doing your update on these\nearlier SL 5 x86_64 releases.", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : perl on SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20100607_PERL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60801", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60801);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n\n script_name(english:\"Scientific Linux Security Update : perl on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Perl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension\nmodule allows users to compile and execute Perl code in restricted\ncompartments. The File::Path module allows users to create and remove\ndirectory trees.\n\nThe Safe module did not properly restrict the code of implicitly\ncalled methods (such as DESTROY and AUTOLOAD) on implicitly blessed\nobjects returned as a result of unsafe code evaluation. These methods\ncould have been executed unrestricted by Safe when such objects were\naccessed or destroyed. A specially crafted Perl script executed inside\nof a Safe compartment could use this flaw to bypass intended Safe\nmodule restrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine\nreference returned as a result of unsafe code evaluation. A specially\ncrafted Perl script executed inside of a Safe compartment could use\nthis flaw to bypass intended Safe module restrictions, if the returned\nsubroutine reference was called from outside of the compartment.\n(CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with\nwrite access to a directory being removed by a victim, running a Perl\nscript using rmtree, could cause the permissions of arbitrary files to\nbe changed to world-writable and setuid, or delete arbitrary files via\na symbolic link attack, if the victim had the privileges to change the\npermissions of the target files or to remove them. (CVE-2008-5302,\nCVE-2008-5303)\n\nThese packages upgrade the Safe extension module to version 2.27.\nRefer to the Safe module's Changes file at the following link for a\nfull list of changes.\nhttp://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes\n\nAll applications using the Safe or File::Path modules must be\nrestarted for this update to take effect.\n\nNOTE: SL 50-52 x86_64 releases originally had a perl.i386 package. It\nwas taken out of the x86_64 SL5 distribution and is not part of this\nsecurity update. If you have one of these earlier SL5 x86_64\ndistributions and your perl update does not work due to conflicts, you\nshould do a 'yum remove perl.i386' before doing your update on these\nearlier SL 5 x86_64 releases.\"\n );\n # http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://fastapi.metacpan.org/source/RGARCIA/Safe-2.27/Changes\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1006&L=scientific-linux-errata&T=0&P=400\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1083ee3c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl and / or perl-suidperl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"perl-5.8.8-32.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"perl-suidperl-5.8.8-32.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:44:22", "description": "USN-700-1 fixed vulnerabilities in Perl. Due to problems with the\nUbuntu 8.04 build, some Perl .ph files were missing from the resulting\nupdate. This update fixes the problem. We apologize for the\ninconvenience.\n\nJonathan Smith discovered that the Archive::Tar Perl module did not\ncorrectly handle symlinks when extracting archives. If a user or\nautomated system were tricked into opening a specially crafted tar\nfile, a remote attacker could over-write arbitrary files.\n(CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not\ncorrectly handle certain utf8 characters in regular\nexpressions. If a user or automated system were tricked into\nusing a specially crafted expression, a remote attacker\ncould crash the application, leading to a denial of service.\nUbuntu 8.10 was not affected by this issue. (CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl\nmodule's rmtree function. If a local attacker successfully\nraced another user's call of rmtree, they could create\narbitrary setuid binaries. Ubuntu 6.06 and 8.10 were not\naffected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl\nmodule's rmtree function. If a local attacker successfully\nraced another user's call of rmtree, they could delete\narbitrary files. Ubuntu 6.06 was not affected by this issue.\n(CVE-2008-5303).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2009-04-23T00:00:00", "title": "Ubuntu 8.04 LTS : perl regression (USN-700-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1927", "CVE-2008-5302", "CVE-2008-5303", "CVE-2007-4829"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libperl5.8", "p-cpe:/a:canonical:ubuntu_linux:libperl-dev", "p-cpe:/a:canonical:ubuntu_linux:perl-modules", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:perl-base", "p-cpe:/a:canonical:ubuntu_linux:perl-doc", "p-cpe:/a:canonical:ubuntu_linux:perl-suid", "p-cpe:/a:canonical:ubuntu_linux:perl-debug", "p-cpe:/a:canonical:ubuntu_linux:perl", "p-cpe:/a:canonical:ubuntu_linux:libcgi-fast-perl"], "id": "UBUNTU_USN-700-2.NASL", "href": "https://www.tenable.com/plugins/nessus/37746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-700-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37746);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-4829\", \"CVE-2008-1927\", \"CVE-2008-5302\", \"CVE-2008-5303\");\n script_bugtraq_id(12767, 26355, 28928);\n script_xref(name:\"USN\", value:\"700-2\");\n\n script_name(english:\"Ubuntu 8.04 LTS : perl regression (USN-700-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-700-1 fixed vulnerabilities in Perl. Due to problems with the\nUbuntu 8.04 build, some Perl .ph files were missing from the resulting\nupdate. This update fixes the problem. We apologize for the\ninconvenience.\n\nJonathan Smith discovered that the Archive::Tar Perl module did not\ncorrectly handle symlinks when extracting archives. If a user or\nautomated system were tricked into opening a specially crafted tar\nfile, a remote attacker could over-write arbitrary files.\n(CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not\ncorrectly handle certain utf8 characters in regular\nexpressions. If a user or automated system were tricked into\nusing a specially crafted expression, a remote attacker\ncould crash the application, leading to a denial of service.\nUbuntu 8.10 was not affected by this issue. (CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl\nmodule's rmtree function. If a local attacker successfully\nraced another user's call of rmtree, they could create\narbitrary setuid binaries. Ubuntu 6.06 and 8.10 were not\naffected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl\nmodule's rmtree function. If a local attacker successfully\nraced another user's call of rmtree, they could delete\narbitrary files. Ubuntu 6.06 was not affected by this issue.\n(CVE-2008-5303).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/700-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcgi-fast-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libperl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libperl5.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-suid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libcgi-fast-perl\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libperl-dev\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libperl5.8\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-base\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-debug\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-doc\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-modules\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-suid\", pkgver:\"5.8.8-12ubuntu0.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgi-fast-perl / libperl-dev / libperl5.8 / perl / perl-base / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:44:22", "description": "Jonathan Smith discovered that the Archive::Tar Perl module did not\ncorrectly handle symlinks when extracting archives. If a user or\nautomated system were tricked into opening a specially crafted tar\nfile, a remote attacker could over-write arbitrary files.\n(CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not correctly\nhandle certain utf8 characters in regular expressions. If a user or\nautomated system were tricked into using a specially crafted\nexpression, a remote attacker could crash the application, leading to\na denial of service. Ubuntu 8.10 was not affected by this issue.\n(CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call\nof rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06\nand 8.10 were not affected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call\nof rmtree, they could delete arbitrary files. Ubuntu 6.06 was not\naffected by this issue. (CVE-2008-5303).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2009-04-23T00:00:00", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libarchive-tar-perl, perl vulnerabilities (USN-700-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1927", "CVE-2008-5302", "CVE-2008-5303", "CVE-2007-4829"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libarchive-tar-perl", "p-cpe:/a:canonical:ubuntu_linux:libperl5.8", "p-cpe:/a:canonical:ubuntu_linux:libperl-dev", "p-cpe:/a:canonical:ubuntu_linux:perl-modules", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:perl-base", "p-cpe:/a:canonical:ubuntu_linux:perl-doc", "p-cpe:/a:canonical:ubuntu_linux:libperl5.10", "p-cpe:/a:canonical:ubuntu_linux:perl-suid", "p-cpe:/a:canonical:ubuntu_linux:perl-debug", "cpe:/o:canonical:ubuntu_linux:8.10", "p-cpe:/a:canonical:ubuntu_linux:perl", "p-cpe:/a:canonical:ubuntu_linux:libcgi-fast-perl", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-700-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-700-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37888);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-4829\", \"CVE-2008-1927\", \"CVE-2008-5302\", \"CVE-2008-5303\");\n script_bugtraq_id(12767, 26355, 28928);\n script_xref(name:\"USN\", value:\"700-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libarchive-tar-perl, perl vulnerabilities (USN-700-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jonathan Smith discovered that the Archive::Tar Perl module did not\ncorrectly handle symlinks when extracting archives. If a user or\nautomated system were tricked into opening a specially crafted tar\nfile, a remote attacker could over-write arbitrary files.\n(CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not correctly\nhandle certain utf8 characters in regular expressions. If a user or\nautomated system were tricked into using a specially crafted\nexpression, a remote attacker could crash the application, leading to\na denial of service. Ubuntu 8.10 was not affected by this issue.\n(CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call\nof rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06\nand 8.10 were not affected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call\nof rmtree, they could delete arbitrary files. Ubuntu 6.06 was not\naffected by this issue. (CVE-2008-5303).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/700-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libarchive-tar-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcgi-fast-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libperl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libperl5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libperl5.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:perl-suid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libarchive-tar-perl\", pkgver:\"1.26-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libcgi-fast-perl\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libperl-dev\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libperl5.8\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"perl\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"perl-base\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"perl-debug\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"perl-doc\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"perl-modules\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"perl-suid\", pkgver:\"5.8.7-10ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libarchive-tar-perl\", pkgver:\"1.31-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libcgi-fast-perl\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libperl-dev\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libperl5.8\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"perl\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"perl-base\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"perl-debug\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"perl-doc\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"perl-modules\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"perl-suid\", pkgver:\"5.8.8-7ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libarchive-tar-perl\", pkgver:\"1.36-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libcgi-fast-perl\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libperl-dev\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libperl5.8\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-base\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-debug\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-doc\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-modules\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"perl-suid\", pkgver:\"5.8.8-12ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libcgi-fast-perl\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libperl-dev\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libperl5.10\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"perl\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"perl-base\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"perl-debug\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"perl-doc\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"perl-modules\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"perl-suid\", pkgver:\"5.10.0-11.1ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libarchive-tar-perl / libcgi-fast-perl / libperl-dev / libperl5.10 / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:45:10", "description": "Paul Szabo rediscovered a vulnerability in the File::Path::rmtree\nfunction of Perl. It was possible to exploit a race condition to\ncreate setuid binaries in a directory tree or remove arbitrary files\nwhen a process is deleting this tree. This issue was originally known\nas CVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1\nand DSA-620-1. Unfortunately, they were reintroduced later.", "edition": 26, "published": "2008-12-04T00:00:00", "title": "Debian DSA-1678-1 : perl - design flaws", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2004-0452", "CVE-2008-5303", "CVE-2005-0448"], "modified": "2008-12-04T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:perl"], "id": "DEBIAN_DSA-1678.NASL", "href": "https://www.tenable.com/plugins/nessus/35031", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1678. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35031);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\");\n script_bugtraq_id(12767);\n script_xref(name:\"DSA\", value:\"1678\");\n\n script_name(english:\"Debian DSA-1678-1 : perl - design flaws\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Paul Szabo rediscovered a vulnerability in the File::Path::rmtree\nfunction of Perl. It was possible to exploit a race condition to\ncreate setuid binaries in a directory tree or remove arbitrary files\nwhen a process is deleting this tree. This issue was originally known\nas CVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1\nand DSA-620-1. Unfortunately, they were reintroduced later.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2005-0448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2004-0452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1678\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the perl packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.8.8-7etch5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libcgi-fast-perl\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libperl-dev\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libperl5.8\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"perl\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"perl-base\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"perl-debug\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"perl-doc\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"perl-modules\", reference:\"5.8.8-7etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"perl-suid\", reference:\"5.8.8-7etch5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:55:19", "description": "The remote host is affected by the vulnerability described in GLSA-201311-17\n(Perl: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Perl. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A local attacker could cause a Denial of Service condition or perform\n symlink attacks to overwrite arbitrary files with the privileges of the\n user running the application. A context-dependent attacker could cause a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 21, "published": "2013-11-29T00:00:00", "title": "GLSA-201311-17 : Perl: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2011-0761", "CVE-2011-1487", "CVE-2010-1158"], "modified": "2013-11-29T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:perl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201311-17.NASL", "href": "https://www.tenable.com/plugins/nessus/71119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201311-17.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71119);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1158\", \"CVE-2011-0761\", \"CVE-2011-1487\");\n script_bugtraq_id(12767, 47124, 47766);\n script_xref(name:\"GLSA\", value:\"201311-17\");\n\n script_name(english:\"GLSA-201311-17 : Perl: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201311-17\n(Perl: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Perl. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A local attacker could cause a Denial of Service condition or perform\n symlink attacks to overwrite arbitrary files with the privileges of the\n user running the application. A context-dependent attacker could cause a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201311-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Perl users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.12.3-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/perl\", unaffected:make_list(\"ge 5.12.3-r1\"), vulnerable:make_list(\"lt 5.12.3-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Perl\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:49:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303"], "description": "The remote host is missing an update to perl\nannounced via advisory DSA 1678-2.", "modified": "2017-07-07T00:00:00", "published": "2008-12-29T00:00:00", "id": "OPENVAS:63059", "href": "http://plugins.openvas.org/nasl.php?oid=63059", "type": "openvas", "title": "Debian Security Advisory DSA 1678-2 (perl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1678_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1678-2 (perl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The perl update in DSA-1678-1 contains a regression which is triggered\nby some Perl scripts which have changed into the directory tree\nremoved by File::Path::rmtree. In particular, this happens if\nFile::Temp::tempdir is used. This new update corrects this\nregression.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 5.8.8-7etch6.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your perl packages.\";\ntag_summary = \"The remote host is missing an update to perl\nannounced via advisory DSA 1678-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201678-2\";\n\n\nif(description)\n{\n script_id(63059);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-29 22:42:24 +0100 (Mon, 29 Dec 2008)\");\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1678-2 (perl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.8-7etch6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "description": "Oracle Linux Local Security Checks ELSA-2010-0458", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122354", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122354", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0458", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0458.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122354\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:17:24 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0458\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0458 - perl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0458\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0458.html\");\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.8.8~32.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perl-suidperl\", rpm:\"perl-suidperl~5.8.8~32.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:28:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1927", "CVE-2008-5302", "CVE-2008-5303", "CVE-2007-4829"], "description": "The remote host is missing an update to perl\nannounced via advisory USN-700-2.", "modified": "2017-12-01T00:00:00", "published": "2009-01-20T00:00:00", "id": "OPENVAS:63235", "href": "http://plugins.openvas.org/nasl.php?oid=63235", "type": "openvas", "title": "Ubuntu USN-700-2 (perl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_700_2.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_700_2.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-700-2 (perl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n perl 5.8.8-12ubuntu0.4\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-700-2\";\n\ntag_insight = \"USN-700-1 fixed vulnerabilities in Perl. Due to problems with the Ubuntu\n8.04 build, some Perl .ph files were missing from the resulting update.\nThis update fixes the problem. We apologize for the inconvenience.\";\ntag_summary = \"The remote host is missing an update to perl\nannounced via advisory USN-700-2.\";\n\n \n\n\nif(description)\n{\n script_id(63235);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-20 22:42:09 +0100 (Tue, 20 Jan 2009)\");\n script_cve_id(\"CVE-2007-4829\", \"CVE-2008-1927\", \"CVE-2008-5302\", \"CVE-2008-5303\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-700-2 (perl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-700-2/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.8-12ubuntu0.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "description": "Check for the Version of timezone", "modified": "2018-01-10T00:00:00", "published": "2010-04-16T00:00:00", "id": "OPENVAS:1361412562310830980", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830980", "type": "openvas", "title": "Mandriva Update for timezone MDVA-2010:116 (timezone)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for timezone MDVA-2010:116 (timezone)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"timezone on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_insight = \"Updated timezone packages are being provided for older Mandriva Linux\n systems that do not contain new Daylight Savings Time information\n and Time Zone information for some locations. These updated packages\n contain the new information.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00009.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830980\");\n script_version(\"$Revision: 8356 $\");\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 09:00:39 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-16 17:02:11 +0200 (Fri, 16 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:116\");\n script_name(\"Mandriva Update for timezone MDVA-2010:116 (timezone)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of timezone\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:58:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "description": "Check for the Version of timezone", "modified": "2017-12-18T00:00:00", "published": "2010-04-16T00:00:00", "id": "OPENVAS:830980", "href": "http://plugins.openvas.org/nasl.php?oid=830980", "type": "openvas", "title": "Mandriva Update for timezone MDVA-2010:116 (timezone)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for timezone MDVA-2010:116 (timezone)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"timezone on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_insight = \"Updated timezone packages are being provided for older Mandriva Linux\n systems that do not contain new Daylight Savings Time information\n and Time Zone information for some locations. These updated packages\n contain the new information.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00009.php\");\n script_id(830980);\n script_version(\"$Revision: 8153 $\");\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-16 17:02:11 +0200 (Fri, 16 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:116\");\n script_name(\"Mandriva Update for timezone MDVA-2010:116 (timezone)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of timezone\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"timezone-2010h\", rpm:\"timezone-2010h~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"timezone-java-2010h\", rpm:\"timezone-java-2010h~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:19:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1927", "CVE-2008-5302", "CVE-2008-5303", "CVE-2007-4829"], "description": "The remote host is missing an update to perl\nannounced via advisory USN-700-1.", "modified": "2017-12-01T00:00:00", "published": "2008-12-29T00:00:00", "id": "OPENVAS:63075", "href": "http://plugins.openvas.org/nasl.php?oid=63075", "type": "openvas", "title": "Ubuntu USN-700-1 (perl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_700_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-700-1 (perl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libarchive-tar-perl 1.26-2ubuntu0.1\n libperl5.8 5.8.7-10ubuntu1.2\n\nUbuntu 7.10:\n libarchive-tar-perl 1.31-1ubuntu0.1\n libperl5.8 5.8.8-7ubuntu3.4\n perl-modules 5.8.8-7ubuntu3.4\n\nUbuntu 8.04 LTS:\n libarchive-tar-perl 1.36-1ubuntu0.1\n libperl5.8 5.8.8-12ubuntu0.3\n perl-modules 5.8.8-12ubuntu0.3\n\nUbuntu 8.10:\n perl-modules 5.10.0-11.1ubuntu2.2\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-700-1\";\n\ntag_insight = \"Jonathan Smith discovered that the Archive::Tar Perl module did not\ncorrectly handle symlinks when extracting archives. If a user or\nautomated system were tricked into opening a specially crafted tar file,\na remote attacker could over-write arbitrary files. (CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not correctly\nhandle certain utf8 characters in regular expressions. If a user or\nautomated system were tricked into using a specially crafted expression,\na remote attacker could crash the application, leading to a denial\nof service. Ubuntu 8.10 was not affected by this issue. (CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call\nof rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06\nand 8.10 were not affected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call of\nrmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected\nby this issue. (CVE-2008-5303)\";\ntag_summary = \"The remote host is missing an update to perl\nannounced via advisory USN-700-1.\";\n\n \n\n\nif(description)\n{\n script_id(63075);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-29 22:42:24 +0100 (Mon, 29 Dec 2008)\");\n script_cve_id(\"CVE-2007-4829\", \"CVE-2008-1927\", \"CVE-2008-5302\", \"CVE-2008-5303\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-700-1 (perl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-700-1/\");\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libarchive-tar-perl\", ver:\"1.26-2ubuntu0.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libarchive-tar-perl\", ver:\"1.31-1ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libarchive-tar-perl\", ver:\"1.36-1ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.10\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2004-0452", "CVE-2008-5303", "CVE-2005-0448"], "description": "The remote host is missing an update to perl\nannounced via advisory DSA 1678-1.", "modified": "2017-07-07T00:00:00", "published": "2008-12-10T00:00:00", "id": "OPENVAS:62840", "href": "http://plugins.openvas.org/nasl.php?oid=62840", "type": "openvas", "title": "Debian Security Advisory DSA 1678-1 (perl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1678_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1678-1 (perl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Paul Szabo rediscovered a vulnerability in the File::Path::rmtree\nfunction of Perl. It was possible to exploit a race condition to create\nsetuid binaries in a directory tree or remove arbitrary files when a\nprocess is deleting this tree. This issue was originally known as\nCVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1 and\nDSA-620-1. Unfortunately, they were reintroduced later.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.8.8-7etch5.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.10.0-18 and will migrate to the testing distribution (lenny)\nshortly.\n\nWe recommend that you upgrade your perl packages.\";\ntag_summary = \"The remote host is missing an update to perl\nannounced via advisory DSA 1678-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201678-1\";\n\n\nif(description)\n{\n script_id(62840);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-10 05:23:56 +0100 (Wed, 10 Dec 2008)\");\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2005-0448\", \"CVE-2004-0452\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1678-1 (perl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.8-7etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:16:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1927", "CVE-2008-5302", "CVE-2008-5303", "CVE-2007-4829"], "description": "The remote host is missing an update to perl\nannounced via advisory USN-700-1.", "modified": "2018-04-06T00:00:00", "published": "2008-12-29T00:00:00", "id": "OPENVAS:136141256231063075", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063075", "type": "openvas", "title": "Ubuntu USN-700-1 (perl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_700_1.nasl 9349 2018-04-06 07:02:25Z cfischer $\n# Description: Auto-generated from advisory USN-700-1 (perl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libarchive-tar-perl 1.26-2ubuntu0.1\n libperl5.8 5.8.7-10ubuntu1.2\n\nUbuntu 7.10:\n libarchive-tar-perl 1.31-1ubuntu0.1\n libperl5.8 5.8.8-7ubuntu3.4\n perl-modules 5.8.8-7ubuntu3.4\n\nUbuntu 8.04 LTS:\n libarchive-tar-perl 1.36-1ubuntu0.1\n libperl5.8 5.8.8-12ubuntu0.3\n perl-modules 5.8.8-12ubuntu0.3\n\nUbuntu 8.10:\n perl-modules 5.10.0-11.1ubuntu2.2\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-700-1\";\n\ntag_insight = \"Jonathan Smith discovered that the Archive::Tar Perl module did not\ncorrectly handle symlinks when extracting archives. If a user or\nautomated system were tricked into opening a specially crafted tar file,\na remote attacker could over-write arbitrary files. (CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not correctly\nhandle certain utf8 characters in regular expressions. If a user or\nautomated system were tricked into using a specially crafted expression,\na remote attacker could crash the application, leading to a denial\nof service. Ubuntu 8.10 was not affected by this issue. (CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call\nof rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06\nand 8.10 were not affected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl module's rmtree\nfunction. If a local attacker successfully raced another user's call of\nrmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected\nby this issue. (CVE-2008-5303)\";\ntag_summary = \"The remote host is missing an update to perl\nannounced via advisory USN-700-1.\";\n\n \n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63075\");\n script_version(\"$Revision: 9349 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:02:25 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-29 22:42:24 +0100 (Mon, 29 Dec 2008)\");\n script_cve_id(\"CVE-2007-4829\", \"CVE-2008-1927\", \"CVE-2008-5302\", \"CVE-2008-5303\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-700-1 (perl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-700-1/\");\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libarchive-tar-perl\", ver:\"1.26-2ubuntu0.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.7-10ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libarchive-tar-perl\", ver:\"1.31-1ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.8-7ubuntu3.4\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libarchive-tar-perl\", ver:\"1.36-1ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.8\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.8.8-12ubuntu0.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-doc\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-modules\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgi-fast-perl\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl-dev\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libperl5.10\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-base\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-debug\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl-suid\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perl\", ver:\"5.10.0-11.1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:32:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "description": "Check for the Version of perl", "modified": "2017-12-20T00:00:00", "published": "2010-06-15T00:00:00", "id": "OPENVAS:831075", "href": "http://plugins.openvas.org/nasl.php?oid=831075", "type": "openvas", "title": "Mandriva Update for perl MDVSA-2010:116 (perl)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for perl MDVSA-2010:116 (perl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"perl on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in Path.pm\n and Safe.pm which could lead to escalated privilegies (CVE-2008-5302,\n CVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages\n have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-06/msg00013.php\");\n script_id(831075);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-15 05:04:13 +0200 (Tue, 15 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:116\");\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_name(\"Mandriva Update for perl MDVSA-2010:116 (perl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of perl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-devel\", rpm:\"perl-devel~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-suid\", rpm:\"perl-suid~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-devel\", rpm:\"perl-devel~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-suid\", rpm:\"perl-suid~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:04:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "description": "Check for the Version of perl", "modified": "2018-01-17T00:00:00", "published": "2010-06-15T00:00:00", "id": "OPENVAS:1361412562310831075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831075", "type": "openvas", "title": "Mandriva Update for perl MDVSA-2010:116 (perl)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for perl MDVSA-2010:116 (perl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"perl on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in Path.pm\n and Safe.pm which could lead to escalated privilegies (CVE-2008-5302,\n CVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages\n have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-06/msg00013.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831075\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-15 05:04:13 +0200 (Tue, 15 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:116\");\n script_cve_id(\"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2010-1168\", \"CVE-2010-1447\");\n script_name(\"Mandriva Update for perl MDVSA-2010:116 (perl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of perl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-devel\", rpm:\"perl-devel~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-suid\", rpm:\"perl-suid~5.8.8~12.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-devel\", rpm:\"perl-devel~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-suid\", rpm:\"perl-suid~5.10.1~3.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:28:00", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5302", "CVE-2008-5303"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1678-2 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nDecember 21, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : perl\nVulnerability : design flaws\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2008-5302 CVE-2008-5303\nDebian Bug : 286905 286922 479317\n\nThe perl update in DSA-1678-1 contains a regression which is triggered\nby some Perl scripts which have changed into the directory tree\nremoved by File::Path::rmtree. In particular, this happens if\nFile::Temp::tempdir is used. This new update corrects this\nregression.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 5.8.8-7etch6.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your perl packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6.diff.gz\n Size/MD5 checksum: 104841 38685bce67f7761753883e8e6073f5b7\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6.dsc\n Size/MD5 checksum: 742 f9545587e032939494a6a9b22abd112c\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz\n Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch6_all.deb\n Size/MD5 checksum: 7377460 cf3c6b08cfa947eb989e5a376790c4c3\n http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch6_all.deb\n Size/MD5 checksum: 41276 f9e491829ef0ea295d2c5b88e48c895d\n http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch6_all.deb\n Size/MD5 checksum: 2328214 6d995effacda8ecc2a935dc4527ed342\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_alpha.deb\n Size/MD5 checksum: 4150250 3c575d6d8e1b101066a89e1482f081cf\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_alpha.deb\n Size/MD5 checksum: 821806 8d3bd143f7b3d6243b42277c5c63a93f\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_alpha.deb\n Size/MD5 checksum: 880284 5636ce04377a056db7d369b7b8770428\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_alpha.deb\n Size/MD5 checksum: 2928840 4d5717f310740a654eab999bc4993e5a\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_alpha.deb\n Size/MD5 checksum: 1010 9ccd001ddccacbf99510508937c9ca47\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_alpha.deb\n Size/MD5 checksum: 36236 db6be7a7cf887edfefcb7c2c50b0a3db\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_amd64.deb\n Size/MD5 checksum: 1014 6222c5da15781a0191a162ee74e0f9a2\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_amd64.deb\n Size/MD5 checksum: 806670 c654435b6632fb800929870df3f0daf8\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_amd64.deb\n Size/MD5 checksum: 32780 bcc928299ffd2e4d97ee2d9d7fdb1512\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_amd64.deb\n Size/MD5 checksum: 4249060 a10ee694a5d164b8ef12d0f566e4f02d\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_amd64.deb\n Size/MD5 checksum: 630778 f318294099b5c0ae4469073988731f7f\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_amd64.deb\n Size/MD5 checksum: 2735120 21c2ed7bba2de01983156e720c4eea14\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_arm.deb\n Size/MD5 checksum: 30346 1f51b45f45fd8a1bbc4732812c348b3a\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_arm.deb\n Size/MD5 checksum: 760238 a230824f93118e65af853c9a8448aeb5\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_arm.deb\n Size/MD5 checksum: 562086 e7fc6a0323bc5898dd09ff7a9c937ac1\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_arm.deb\n Size/MD5 checksum: 1010 9a67f67e98a45b6e02fe09aa50518794\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_arm.deb\n Size/MD5 checksum: 2548186 91c5ccb36e82705931c07d8a14d95490\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_arm.deb\n Size/MD5 checksum: 3410336 77df1024bf9e02b0cdce65423bc84eeb\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_i386.deb\n Size/MD5 checksum: 2492644 ebb57292ae6986f812c2233511565fb3\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_i386.deb\n Size/MD5 checksum: 585446 bedf9d40486ebab6ef251101ed0d2402\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_i386.deb\n Size/MD5 checksum: 762766 f667327e7cd4044ee6fb3c900b75a181\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_i386.deb\n Size/MD5 checksum: 527166 8770a7e8302aaa2ef7c99b8339a1579e\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_i386.deb\n Size/MD5 checksum: 32104 53085baadd6fa2a16f5ca27dbcae5b72\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_i386.deb\n Size/MD5 checksum: 3599182 6c141bd9447670a86b0691adafb51596\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_ia64.deb\n Size/MD5 checksum: 1154160 b640fe2f395f9161560fd9dd52532f85\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_ia64.deb\n Size/MD5 checksum: 1006 62ffe7a5b8823f925b2537941fe48ae1\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_ia64.deb\n Size/MD5 checksum: 51272 b93cfd432ead7fb85cab0acbe53c2994\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_ia64.deb\n Size/MD5 checksum: 978108 7e50dafffed7382b35042ad86032b7a4\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_ia64.deb\n Size/MD5 checksum: 4336650 fe46d1d4fa0b18770631f9d2a544d072\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_ia64.deb\n Size/MD5 checksum: 3364466 15f332c898209c5c5cb8d864762cf445\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_mips.deb\n Size/MD5 checksum: 786168 5da358d316af22485a29c364afee453c\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_mips.deb\n Size/MD5 checksum: 1008 0c27fb854eabf1e73840bf2cc07b8b3c\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_mips.deb\n Size/MD5 checksum: 694016 78af4921744de0e03ba173d79d7f7d39\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_mips.deb\n Size/MD5 checksum: 32220 fcd144768fee4a14664a962d0d1e4a55\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_mips.deb\n Size/MD5 checksum: 3679064 cdd8810ba2b3e8c293df4acc06510fb7\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_mips.deb\n Size/MD5 checksum: 2782124 a16a21e716647c74c24224b9752d56c2\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_mipsel.deb\n Size/MD5 checksum: 32326 55417bfc7195b2907c76a170ded4fb91\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_mipsel.deb\n Size/MD5 checksum: 2730626 7d13f3931edcdd3b22ff6e851de332d5\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_mipsel.deb\n Size/MD5 checksum: 3413592 f087bc2dcefcd3069ac7db96b84af4ab\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_mipsel.deb\n Size/MD5 checksum: 784946 a5b574a6e9e1bf919ab88bd1b5beb964\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_mipsel.deb\n Size/MD5 checksum: 687508 90078c3c9692c6e50c5a5cb0fe25ece2\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_mipsel.deb\n Size/MD5 checksum: 1016 10942b8d2f2c5441d0dd7d65afc83151\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_powerpc.deb\n Size/MD5 checksum: 811106 367dec1df2404742380c2c06e0809a20\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_powerpc.deb\n Size/MD5 checksum: 2710134 50f1c3ecb9f1023935f153c1d605aa41\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_powerpc.deb\n Size/MD5 checksum: 1014 16877860b93d044bf7f914a857737fc0\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_powerpc.deb\n Size/MD5 checksum: 3825218 b4f50f6735fc446fb22665cff53cd064\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_powerpc.deb\n Size/MD5 checksum: 653450 92671c8bcd39e6f4a84b2a01401ef408\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_powerpc.deb\n Size/MD5 checksum: 32904 adb2e70ca2b2f0cc809bcc2903036bdf\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_s390.deb\n Size/MD5 checksum: 4100084 14bc00f090ce3dc1ba7bfacfa5b88218\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_s390.deb\n Size/MD5 checksum: 33094 fb66e60a4fa21a647bc053920a842d5b\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_s390.deb\n Size/MD5 checksum: 633600 9df5a899f601a14ce3b0496df2bc116d\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_s390.deb\n Size/MD5 checksum: 823704 1b3f1afaef5fc0c5fb36048d82c1c3d6\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_s390.deb\n Size/MD5 checksum: 2796566 83e073cf9d1f2a22f366483d250a95c0\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_s390.deb\n Size/MD5 checksum: 1008 f983117eb556d27b343d6a64d5774cfd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch6_sparc.deb\n Size/MD5 checksum: 594470 8bfdaa1611e2ce31f21dcb83714eed1f\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch6_sparc.deb\n Size/MD5 checksum: 31058 12713b89c5b12616fe4344c6e725b8a5\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch6_sparc.deb\n Size/MD5 checksum: 2565978 b062a3274b40bf1524a9d02315c711cd\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch6_sparc.deb\n Size/MD5 checksum: 782402 5c2d4e8b4eb521aecac7c496591c1e7a\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch6_sparc.deb\n Size/MD5 checksum: 1010 0fde672bbaad262571d8646364b3c10a\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch6_sparc.deb\n Size/MD5 checksum: 3813262 f1095b35b28e4d2eb80cba8b978d8119\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2008-12-21T10:04:55", "published": "2008-12-21T10:04:55", "id": "DEBIAN:DSA-1678-2:852C6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00281.html", "title": "[SECURITY] [DSA 1678-2] New perl packages fix regression", "type": "debian", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:29:32", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5302", "CVE-2004-0452", "CVE-2008-5303", "CVE-2005-0448"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1678-1 security@debian.org\nhttp://www.debian.org/security/ Steffen Joeris\nDecember 03, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : perl\nVulnerability : design flaws\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2008-5302 CVE-2008-5303\nDebian Bug : 286905 286922\n\nPaul Szabo rediscovered a vulnerability in the File::Path::rmtree\nfunction of Perl. It was possible to exploit a race condition to create\nsetuid binaries in a directory tree or remove arbitrary files when a\nprocess is deleting this tree. This issue was originally known as\nCVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1 and\nDSA-620-1. Unfortunately, they were reintroduced later.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.8.8-7etch5.\n\nFor the unstable distribution (sid), these problems have been fixed in \nversion 5.10.0-18 and will migrate to the testing distribution (lenny) \nshortly.\n\nWe recommend that you upgrade your perl packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5.dsc\n Size/MD5 checksum: 750 a57837967b7420057558cab7efca9202\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz\n Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5.diff.gz\n Size/MD5 checksum: 105052 cfd4c3d27c5a7a342c441383867dae89\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch5_all.deb\n Size/MD5 checksum: 41082 9dfa8758852aadcaadb2edbdfa17f942\n http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch5_all.deb\n Size/MD5 checksum: 7378812 3baade38d4a703ae7db0e2f7d7b2df62\n http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch5_all.deb\n Size/MD5 checksum: 2316518 dc45e7d6fbedf992db42f31326457df2\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_alpha.deb\n Size/MD5 checksum: 4150162 345ac6cfebda2d2e6807a1dc0e14957c\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_alpha.deb\n Size/MD5 checksum: 1006 f010eb97c3f81b2958c7546ba69296eb\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_alpha.deb\n Size/MD5 checksum: 2928894 52f0aa7e688e63cd4d487a6492d9ee2e\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_alpha.deb\n Size/MD5 checksum: 36236 eb16c8490e1e164ef6444f4b7680fbc6\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_alpha.deb\n Size/MD5 checksum: 821796 d48d9e6f1a07eafdc6acb6d990cf1fbc\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_alpha.deb\n Size/MD5 checksum: 880174 f32a7823fd919ada981b3eda1abe6a70\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_amd64.deb\n Size/MD5 checksum: 630776 4f134545671885f476770a9da3695301\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_amd64.deb\n Size/MD5 checksum: 806610 02ed83b2872342eb732c0179daa52869\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_amd64.deb\n Size/MD5 checksum: 32774 4db9f5a96272f4a561abadbc3a1ed175\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_amd64.deb\n Size/MD5 checksum: 4248964 b09695271b26cb6b6245a791e9e7122d\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_amd64.deb\n Size/MD5 checksum: 2735132 c8bb2c571273b1ef47beb05874ae4277\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_amd64.deb\n Size/MD5 checksum: 1010 4223d65b463272ca026ee7e7d7d0ff02\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_arm.deb\n Size/MD5 checksum: 1008 fd5146b7fceeb55c7ba16831e95f0b4a\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_arm.deb\n Size/MD5 checksum: 562112 24fe7aacf39d42673555f228e6edd5d7\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_arm.deb\n Size/MD5 checksum: 30338 57ce7264534de68fe870e72eaae6a186\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_arm.deb\n Size/MD5 checksum: 3410084 382ee29a48541e9270cb20926ff2c58a\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_arm.deb\n Size/MD5 checksum: 760136 6939901d705dbdac94e959ebab73d32a\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_arm.deb\n Size/MD5 checksum: 2548202 07796362a684d112be9dbea0ff5a2ab5\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_i386.deb\n Size/MD5 checksum: 3589118 bdcb99ed51d06b1639d98a661ce42d58\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_i386.deb\n Size/MD5 checksum: 527162 c511226a2cbddb98a170c8f563d6670a\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_i386.deb\n Size/MD5 checksum: 585396 f3f34d325de643667d4c12f897a15f48\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_i386.deb\n Size/MD5 checksum: 32070 59d70d1ee4f0e7584230095ca079ceb7\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_i386.deb\n Size/MD5 checksum: 2491980 7149381d9862cc1ebd20092fae76dda9\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_i386.deb\n Size/MD5 checksum: 762200 40254226d8ae5963a908661350816f0c\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_ia64.deb\n Size/MD5 checksum: 978092 e856d5880b7b4c26222a3e0a3e0e0610\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_ia64.deb\n Size/MD5 checksum: 3364496 8248ac1db0819b45b0ea5bf2ba748f6f\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_ia64.deb\n Size/MD5 checksum: 1154060 3ff9faa1f05b380c486a86f79e7993a0\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_ia64.deb\n Size/MD5 checksum: 1008 ce21fdde9f6a971ab9bb950d5a4f8846\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_ia64.deb\n Size/MD5 checksum: 51272 85acec2cd9ad024ec30e00a5af6f5ccb\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_ia64.deb\n Size/MD5 checksum: 4336594 d4756a2b2de75f43cdb2f8ff4ccc0566\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_mips.deb\n Size/MD5 checksum: 2782132 4999312ae9a1844b4d475f34d312d334\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_mips.deb\n Size/MD5 checksum: 694018 e974c764d6a3350e7425cf5990f02201\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_mips.deb\n Size/MD5 checksum: 3678988 94244c7432977a979063076fc67bbf29\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_mips.deb\n Size/MD5 checksum: 32216 cacc1e6e5d2649606ddccc99a9f09ebd\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_mips.deb\n Size/MD5 checksum: 786110 1713743185beb6ddc6de091ed4a7a0e5\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_mips.deb\n Size/MD5 checksum: 1008 905da3949be11e01942cb096f279cd63\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_powerpc.deb\n Size/MD5 checksum: 653440 4ccf1e83f3159d64262c9d30506e151a\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_powerpc.deb\n Size/MD5 checksum: 2710130 036b5620a814a6443d173a1a5f62a051\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_powerpc.deb\n Size/MD5 checksum: 1012 3bf894f640eeb63b15a997dbb1e06a63\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_powerpc.deb\n Size/MD5 checksum: 32908 bb7ccbed135a9625df993587576fbcf6\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_powerpc.deb\n Size/MD5 checksum: 811032 6ea8cf13343916db0f3e46c759f448da\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_powerpc.deb\n Size/MD5 checksum: 3824810 5864271ba481be6308ab9e704c2454c1\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_s390.deb\n Size/MD5 checksum: 823642 682e9f9fb581af9cc0aa9860c2747eba\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_s390.deb\n Size/MD5 checksum: 33108 311441a02f7965c21790d988b63879c6\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_s390.deb\n Size/MD5 checksum: 2796658 3b4c21061de13bec62299cfda17c21a8\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_s390.deb\n Size/MD5 checksum: 1008 201b45bdbf264748d665b789e501e2c9\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_s390.deb\n Size/MD5 checksum: 4100050 c2348e4c49820501d30e3736bb60e442\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_s390.deb\n Size/MD5 checksum: 633612 6d818da26553af14a4479a23731ea8b0\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_sparc.deb\n Size/MD5 checksum: 1014 bd9f92414f3d44f15efa2c8b25fd39d9\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_sparc.deb\n Size/MD5 checksum: 3796714 95538b186d68bd25eec0dd3a27fe1447\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_sparc.deb\n Size/MD5 checksum: 783702 e07757e74203c7c8eec5f2db41051bc4\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_sparc.deb\n Size/MD5 checksum: 31056 d0ead72ea7bb47971f638ef7aee22705\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_sparc.deb\n Size/MD5 checksum: 2565984 253cc0540fbaead2b39bbcf9dda3ab96\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_sparc.deb\n Size/MD5 checksum: 594486 85b2168a8092deadace3044f51ebd20a\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2008-12-03T06:15:33", "published": "2008-12-03T06:15:33", "id": "DEBIAN:DSA-1678-1:AFAEB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00270.html", "title": "[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation", "type": "debian", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:18", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0458\n\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension module\nallows users to compile and execute Perl code in restricted compartments.\nThe File::Path module allows users to create and remove directory trees.\n\nThe Safe module did not properly restrict the code of implicitly called\nmethods (such as DESTROY and AUTOLOAD) on implicitly blessed objects\nreturned as a result of unsafe code evaluation. These methods could have\nbeen executed unrestricted by Safe when such objects were accessed or\ndestroyed. A specially-crafted Perl script executed inside of a Safe\ncompartment could use this flaw to bypass intended Safe module\nrestrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine reference\nreturned as a result of unsafe code evaluation. A specially-crafted Perl\nscript executed inside of a Safe compartment could use this flaw to bypass\nintended Safe module restrictions, if the returned subroutine reference was\ncalled from outside of the compartment. (CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with write\naccess to a directory being removed by a victim, running a Perl script\nusing rmtree, could cause the permissions of arbitrary files to be changed\nto world-writable and setuid, or delete arbitrary files via a symbolic link\nattack, if the victim had the privileges to change the permissions of the\ntarget files or to remove them. (CVE-2008-5302, CVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick Cleaton\nas the original reporter of CVE-2010-1168, and Tim Bunce and Rafael\nGarcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27. Refer to\nthe Safe module's Changes file, linked to in the References, for a full\nlist of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path modules\nmust be restarted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-June/028754.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-June/028762.html\n\n**Affected packages:**\nperl\nperl-suidperl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0458.html", "edition": 3, "modified": "2010-06-12T12:59:15", "published": "2010-06-12T12:59:15", "href": "http://lists.centos.org/pipermail/centos-announce/2010-June/028754.html", "id": "CESA-2010:0458", "title": "perl security update", "type": "centos", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "bulletinFamily": "software", "cvelist": ["CVE-2008-5302", "CVE-2004-0452", "CVE-2008-5303", "CVE-2005-0448"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1678-1 security@debian.org\r\nhttp://www.debian.org/security/ Steffen Joeris\r\nDecember 03, 2008 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : perl\r\nVulnerability : design flaws\r\nProblem type : local\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2008-5302 CVE-2008-5303\r\nDebian Bug : 286905 286922\r\n\r\nPaul Szabo rediscovered a vulnerability in the File::Path::rmtree\r\nfunction of Perl. It was possible to exploit a race condition to create\r\nsetuid binaries in a directory tree or remove arbitrary files when a\r\nprocess is deleting this tree. This issue was originally known as\r\nCVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1 and\r\nDSA-620-1. Unfortunately, they were reintroduced later.\r\n\r\nFor the stable distribution (etch), these problems have been fixed in\r\nversion 5.8.8-7etch5.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in \r\nversion 5.10.0-18 and will migrate to the testing distribution (lenny) \r\nshortly.\r\n\r\nWe recommend that you upgrade your perl packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5.dsc\r\n Size/MD5 checksum: 750 a57837967b7420057558cab7efca9202\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz\r\n Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5.diff.gz\r\n Size/MD5 checksum: 105052 cfd4c3d27c5a7a342c441383867dae89\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch5_all.deb\r\n Size/MD5 checksum: 41082 9dfa8758852aadcaadb2edbdfa17f942\r\n http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch5_all.deb\r\n Size/MD5 checksum: 7378812 3baade38d4a703ae7db0e2f7d7b2df62\r\n http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch5_all.deb\r\n Size/MD5 checksum: 2316518 dc45e7d6fbedf992db42f31326457df2\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_alpha.deb\r\n Size/MD5 checksum: 4150162 345ac6cfebda2d2e6807a1dc0e14957c\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_alpha.deb\r\n Size/MD5 checksum: 1006 f010eb97c3f81b2958c7546ba69296eb\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_alpha.deb\r\n Size/MD5 checksum: 2928894 52f0aa7e688e63cd4d487a6492d9ee2e\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_alpha.deb\r\n Size/MD5 checksum: 36236 eb16c8490e1e164ef6444f4b7680fbc6\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_alpha.deb\r\n Size/MD5 checksum: 821796 d48d9e6f1a07eafdc6acb6d990cf1fbc\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_alpha.deb\r\n Size/MD5 checksum: 880174 f32a7823fd919ada981b3eda1abe6a70\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_amd64.deb\r\n Size/MD5 checksum: 630776 4f134545671885f476770a9da3695301\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_amd64.deb\r\n Size/MD5 checksum: 806610 02ed83b2872342eb732c0179daa52869\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_amd64.deb\r\n Size/MD5 checksum: 32774 4db9f5a96272f4a561abadbc3a1ed175\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_amd64.deb\r\n Size/MD5 checksum: 4248964 b09695271b26cb6b6245a791e9e7122d\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_amd64.deb\r\n Size/MD5 checksum: 2735132 c8bb2c571273b1ef47beb05874ae4277\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_amd64.deb\r\n Size/MD5 checksum: 1010 4223d65b463272ca026ee7e7d7d0ff02\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_arm.deb\r\n Size/MD5 checksum: 1008 fd5146b7fceeb55c7ba16831e95f0b4a\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_arm.deb\r\n Size/MD5 checksum: 562112 24fe7aacf39d42673555f228e6edd5d7\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_arm.deb\r\n Size/MD5 checksum: 30338 57ce7264534de68fe870e72eaae6a186\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_arm.deb\r\n Size/MD5 checksum: 3410084 382ee29a48541e9270cb20926ff2c58a\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_arm.deb\r\n Size/MD5 checksum: 760136 6939901d705dbdac94e959ebab73d32a\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_arm.deb\r\n Size/MD5 checksum: 2548202 07796362a684d112be9dbea0ff5a2ab5\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_i386.deb\r\n Size/MD5 checksum: 3589118 bdcb99ed51d06b1639d98a661ce42d58\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_i386.deb\r\n Size/MD5 checksum: 527162 c511226a2cbddb98a170c8f563d6670a\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_i386.deb\r\n Size/MD5 checksum: 585396 f3f34d325de643667d4c12f897a15f48\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_i386.deb\r\n Size/MD5 checksum: 32070 59d70d1ee4f0e7584230095ca079ceb7\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_i386.deb\r\n Size/MD5 checksum: 2491980 7149381d9862cc1ebd20092fae76dda9\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_i386.deb\r\n Size/MD5 checksum: 762200 40254226d8ae5963a908661350816f0c\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_ia64.deb\r\n Size/MD5 checksum: 978092 e856d5880b7b4c26222a3e0a3e0e0610\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_ia64.deb\r\n Size/MD5 checksum: 3364496 8248ac1db0819b45b0ea5bf2ba748f6f\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_ia64.deb\r\n Size/MD5 checksum: 1154060 3ff9faa1f05b380c486a86f79e7993a0\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_ia64.deb\r\n Size/MD5 checksum: 1008 ce21fdde9f6a971ab9bb950d5a4f8846\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_ia64.deb\r\n Size/MD5 checksum: 51272 85acec2cd9ad024ec30e00a5af6f5ccb\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_ia64.deb\r\n Size/MD5 checksum: 4336594 d4756a2b2de75f43cdb2f8ff4ccc0566\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_mips.deb\r\n Size/MD5 checksum: 2782132 4999312ae9a1844b4d475f34d312d334\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_mips.deb\r\n Size/MD5 checksum: 694018 e974c764d6a3350e7425cf5990f02201\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_mips.deb\r\n Size/MD5 checksum: 3678988 94244c7432977a979063076fc67bbf29\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_mips.deb\r\n Size/MD5 checksum: 32216 cacc1e6e5d2649606ddccc99a9f09ebd\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_mips.deb\r\n Size/MD5 checksum: 786110 1713743185beb6ddc6de091ed4a7a0e5\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_mips.deb\r\n Size/MD5 checksum: 1008 905da3949be11e01942cb096f279cd63\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_powerpc.deb\r\n Size/MD5 checksum: 653440 4ccf1e83f3159d64262c9d30506e151a\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_powerpc.deb\r\n Size/MD5 checksum: 2710130 036b5620a814a6443d173a1a5f62a051\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_powerpc.deb\r\n Size/MD5 checksum: 1012 3bf894f640eeb63b15a997dbb1e06a63\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_powerpc.deb\r\n Size/MD5 checksum: 32908 bb7ccbed135a9625df993587576fbcf6\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_powerpc.deb\r\n Size/MD5 checksum: 811032 6ea8cf13343916db0f3e46c759f448da\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_powerpc.deb\r\n Size/MD5 checksum: 3824810 5864271ba481be6308ab9e704c2454c1\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_s390.deb\r\n Size/MD5 checksum: 823642 682e9f9fb581af9cc0aa9860c2747eba\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_s390.deb\r\n Size/MD5 checksum: 33108 311441a02f7965c21790d988b63879c6\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_s390.deb\r\n Size/MD5 checksum: 2796658 3b4c21061de13bec62299cfda17c21a8\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_s390.deb\r\n Size/MD5 checksum: 1008 201b45bdbf264748d665b789e501e2c9\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_s390.deb\r\n Size/MD5 checksum: 4100050 c2348e4c49820501d30e3736bb60e442\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_s390.deb\r\n Size/MD5 checksum: 633612 6d818da26553af14a4479a23731ea8b0\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch5_sparc.deb\r\n Size/MD5 checksum: 1014 bd9f92414f3d44f15efa2c8b25fd39d9\r\n http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch5_sparc.deb\r\n Size/MD5 checksum: 3796714 95538b186d68bd25eec0dd3a27fe1447\r\n http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch5_sparc.deb\r\n Size/MD5 checksum: 783702 e07757e74203c7c8eec5f2db41051bc4\r\n http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch5_sparc.deb\r\n Size/MD5 checksum: 31056 d0ead72ea7bb47971f638ef7aee22705\r\n http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch5_sparc.deb\r\n Size/MD5 checksum: 2565984 253cc0540fbaead2b39bbcf9dda3ab96\r\n http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch5_sparc.deb\r\n Size/MD5 checksum: 594486 85b2168a8092deadace3044f51ebd20a\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJJNiNUAAoJEL97/wQC1SS+xTwH/0zeSjj1pMV/opCTwn43mJol\r\nfiGZ7O7Ng8o6Ps1fRuPZi+SdvaQxF3NbYWnyKikxY223AvLRlDQCPtbe0wZYf0bQ\r\n6Cr9S+GaRTHd9UOg/4s2CE1clttlXRIzRQT9jTi/uycTr/JsAVUeWZ4LgrAq6P1l\r\nqxMxiZddeH6BRHJbFgMKT8nhnLkAOztAqSlmZjA4XBlq/LH4RyGhprJh39zuG2Aq\r\nU85a7vWzwwrH6EnfeYi4xS4i9kR5+YJUTvvgmdnYOfi6lOQl8Y3KG6Qeunmw/0gc\r\nGjB7KcH1bUyj8hiS0zoMCbFwwCsodt5zfoieD82VtvRGAv+PoaH4ZL4O8MfYS0o=\r\n=dFHH\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-12-04T00:00:00", "published": "2008-12-04T00:00:00", "id": "SECURITYVULNS:DOC:20946", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20946", "title": "[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:18", "bulletinFamily": "software", "cvelist": ["CVE-2008-5302", "CVE-2004-0452", "CVE-2008-5303", "CVE-2005-0448"], "description": "File::Path::rmtree unsecurely changes file permissions, creating race condiotns for symbolic links manipulation.", "edition": 1, "modified": "2008-12-04T00:00:00", "published": "2008-12-04T00:00:00", "id": "SECURITYVULNS:VULN:4314", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:4314", "title": "Perl symbolic links race conditions", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447"], "description": "Perl is a high-level programming language commonly used for system\nadministration utilities and web programming. The Safe extension module\nallows users to compile and execute Perl code in restricted compartments.\nThe File::Path module allows users to create and remove directory trees.\n\nThe Safe module did not properly restrict the code of implicitly called\nmethods (such as DESTROY and AUTOLOAD) on implicitly blessed objects\nreturned as a result of unsafe code evaluation. These methods could have\nbeen executed unrestricted by Safe when such objects were accessed or\ndestroyed. A specially-crafted Perl script executed inside of a Safe\ncompartment could use this flaw to bypass intended Safe module\nrestrictions. (CVE-2010-1168)\n\nThe Safe module did not properly restrict code compiled in a Safe\ncompartment and executed out of the compartment via a subroutine reference\nreturned as a result of unsafe code evaluation. A specially-crafted Perl\nscript executed inside of a Safe compartment could use this flaw to bypass\nintended Safe module restrictions, if the returned subroutine reference was\ncalled from outside of the compartment. (CVE-2010-1447)\n\nMultiple race conditions were found in the way the File::Path module's\nrmtree function removed directory trees. A malicious, local user with write\naccess to a directory being removed by a victim, running a Perl script\nusing rmtree, could cause the permissions of arbitrary files to be changed\nto world-writable and setuid, or delete arbitrary files via a symbolic link\nattack, if the victim had the privileges to change the permissions of the\ntarget files or to remove them. (CVE-2008-5302, CVE-2008-5303)\n\nRed Hat would like to thank Tim Bunce for responsibly reporting the\nCVE-2010-1168 and CVE-2010-1447 issues. Upstream acknowledges Nick Cleaton\nas the original reporter of CVE-2010-1168, and Tim Bunce and Rafael\nGarcia-Suarez as the original reporters of CVE-2010-1447.\n\nThese packages upgrade the Safe extension module to version 2.27. Refer to\nthe Safe module's Changes file, linked to in the References, for a full\nlist of changes.\n\nUsers of perl are advised to upgrade to these updated packages, which\ncorrect these issues. All applications using the Safe or File::Path modules\nmust be restarted for this update to take effect.\n", "modified": "2017-09-08T11:54:12", "published": "2010-06-07T04:00:00", "id": "RHSA-2010:0458", "href": "https://access.redhat.com/errata/RHSA-2010:0458", "type": "redhat", "title": "(RHSA-2010:0458) Moderate: perl security update", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:28:59", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1927", "CVE-2008-5302", "CVE-2008-5303", "CVE-2007-4829"], "description": "USN-700-1 fixed vulnerabilities in Perl. Due to problems with the Ubuntu \n8.04 build, some Perl .ph files were missing from the resulting update. \nThis update fixes the problem. We apologize for the inconvenience.\n\nOriginal advisory details:\n\nJonathan Smith discovered that the Archive::Tar Perl module did not \ncorrectly handle symlinks when extracting archives. If a user or \nautomated system were tricked into opening a specially crafted tar file, \na remote attacker could over-write arbitrary files. (CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not correctly \nhandle certain utf8 characters in regular expressions. If a user or \nautomated system were tricked into using a specially crafted expression, \na remote attacker could crash the application, leading to a denial \nof service. Ubuntu 8.10 was not affected by this issue. (CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl module's rmtree \nfunction. If a local attacker successfully raced another user's call \nof rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06 \nand 8.10 were not affected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl module's rmtree \nfunction. If a local attacker successfully raced another user's call of \nrmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected \nby this issue. (CVE-2008-5303)", "edition": 5, "modified": "2009-01-15T00:00:00", "published": "2009-01-15T00:00:00", "id": "USN-700-2", "href": "https://ubuntu.com/security/notices/USN-700-2", "title": "Perl regression", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:39:27", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1927", "CVE-2008-5302", "CVE-2008-5303", "CVE-2007-4829"], "description": "Jonathan Smith discovered that the Archive::Tar Perl module did not \ncorrectly handle symlinks when extracting archives. If a user or \nautomated system were tricked into opening a specially crafted tar file, \na remote attacker could over-write arbitrary files. (CVE-2007-4829)\n\nTavis Ormandy and Will Drewry discovered that Perl did not correctly \nhandle certain utf8 characters in regular expressions. If a user or \nautomated system were tricked into using a specially crafted expression, \na remote attacker could crash the application, leading to a denial \nof service. Ubuntu 8.10 was not affected by this issue. (CVE-2008-1927)\n\nA race condition was discovered in the File::Path Perl module's rmtree \nfunction. If a local attacker successfully raced another user's call \nof rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06 \nand 8.10 were not affected by this issue. (CVE-2008-5302)\n\nA race condition was discovered in the File::Path Perl module's rmtree \nfunction. If a local attacker successfully raced another user's call of \nrmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected \nby this issue. (CVE-2008-5303)", "edition": 5, "modified": "2008-12-24T00:00:00", "published": "2008-12-24T00:00:00", "id": "USN-700-1", "href": "https://ubuntu.com/security/notices/USN-700-1", "title": "Perl vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:12", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2010-1447", "CVE-2005-0448"], "description": "[4:5.8.8-32.el5.1]\n- third version of patch fix change of behaviour of rmtree for common user\n- Resolves: rhbz#597203\n[4:5.8.8-32.el5]\n- rhbz#595416 change documentation of File::Path\n- Related: rhbz#591167\n[4:5.8.8-31.el5]\n- remove previous fix\n- Related: rhbz#591167\n[4:5.8.8-30.el5]\n- change config to file on Util.so\n- Related: rhbz#594406\n[4:5.8.8-29.el5]\n- CVE-2008-5302 - use latest patch without Cwd module\n- 507378 because of our paths we need to overload old Util.so in case customer installed\n Scalar::Util from cpan. In this case we marked new Util.so as .rpmnew.\n- Related: rhbz#591167\n- Resolves: rhbz#594406\n[4:5.8.8-28.el5]\n- CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) \n reintroduced after upstream rebase to 5.8.8-1\n- CVE-2010-1168 perl Safe: Intended restriction bypass via object references\n- CVE-2010-1447 Safe 2.26 and earlier: Intended restriction bypass via Perl \n object references in code executed outside safe compartment\n- Related: rhbz#591167", "edition": 4, "modified": "2010-06-07T00:00:00", "published": "2010-06-07T00:00:00", "id": "ELSA-2010-0458", "href": "http://linux.oracle.com/errata/ELSA-2010-0458.html", "title": "perl security update", "type": "oraclelinux", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5302", "CVE-2008-5303", "CVE-2011-0761", "CVE-2011-1487", "CVE-2010-1158"], "edition": 1, "description": "### Background\n\nPerl is Larry Wall\u2019s Practical Extraction and Report Language.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker could cause a Denial of Service condition or perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. A context-dependent attacker could cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Perl users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/perl-5.12.3-r1\"", "modified": "2013-11-28T00:00:00", "published": "2013-11-28T00:00:00", "id": "GLSA-201311-17", "href": "https://security.gentoo.org/glsa/201311-17", "type": "gentoo", "title": "Perl: Multiple vulnerabilities", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "vmware": [{"lastseen": "2019-11-06T16:05:44", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4476", "CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2005-4268", "CVE-2010-0624", "CVE-2010-1447", "CVE-2010-1321", "CVE-2010-2063"], "description": "a. Service Console update for cpio \n \nThe service console package cpio is updated to version 2.5-6.RHEL3 for ESX 3.x versions and updated to version 2.6-23.el5_4.1 for ESX 4.x versions. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-4268 and CVE-2010-0624 to the issues addressed in the update for ESX 3.x and the names CVE-2007-4476 and CVE-2010-0624 to the issues addressed in the update for ESX 4.x. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "edition": 4, "modified": "2011-02-14T00:00:00", "published": "2010-08-31T00:00:00", "id": "VMSA-2010-0013", "href": "https://www.vmware.com/security/advisories/VMSA-2010-0013.html", "title": "VMware ESX third party updates for Service Console", "type": "vmware", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T18:00:40", "description": "CVE ID: CVE-2005-4268,CVE-2010-0624,CVE-2007-4476,CVE-2010-2063,CVE-2010-1321,CVE-2010-1168,CVE-2010-1447,CVE-2008-5302,CVE-2008-5303\r\n\r\nVMware ESX Server\u662f\u4e3a\u9002\u7528\u4e8e\u4efb\u4f55\u7cfb\u7edf\u73af\u5883\u7684\u4f01\u4e1a\u7ea7\u865a\u62df\u8ba1\u7b97\u673a\u8f6f\u4ef6\u3002\r\n\r\nESX Console OS (COS)\u5728cpio\u3001tar\u3001perl\u3001krb5\u3001samba\u7b49\u5e94\u7528\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e\uff0c\u5176\u4e2d\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\u53ef\u9020\u6210\u670d\u52a1\u5668\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nVMWare ESX Server\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nVMWare\r\n------\r\nVMWare\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08VMSA-2010-0013\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nVMSA-2010-0013\uff1aVMware ESX third party updates for Service Console\r\n\r\n\u94fe\u63a5\uff1ahttp://www.vmware.com/security/advisories/VMSA-2010-0013.html", "published": "2012-01-13T00:00:00", "title": "VMware ESX Service Console\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2005-4268", "CVE-2007-4476", "CVE-2008-5302", "CVE-2008-5303", "CVE-2010-0624", "CVE-2010-1168", "CVE-2010-1321", "CVE-2010-1447", "CVE-2010-2063"], "modified": "2012-01-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-30015", "id": "SSV:30015", "sourceData": "", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "threatpost": [{"lastseen": "2018-10-06T23:08:12", "bulletinFamily": "info", "cvelist": ["CVE-2003-0063", "CVE-2006-1329", "CVE-2008-0564", "CVE-2008-0888", "CVE-2008-2712", "CVE-2008-4101", "CVE-2008-4456", "CVE-2008-5302", "CVE-2008-5303", "CVE-2008-5515", "CVE-2008-7247", "CVE-2009-0033", "CVE-2009-0037", "CVE-2009-0316", "CVE-2009-0580", "CVE-2009-0688", "CVE-2009-0689", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-1904", "CVE-2009-2042", "CVE-2009-2417", "CVE-2009-2422", "CVE-2009-2446", "CVE-2009-2632", "CVE-2009-2693", "CVE-2009-2801", "CVE-2009-2901", "CVE-2009-2902", "CVE-2009-2906", "CVE-2009-3009", "CVE-2009-3095", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-3559", "CVE-2009-4017", "CVE-2009-4019", "CVE-2009-4030", "CVE-2009-4142", "CVE-2009-4143", "CVE-2009-4214", "CVE-2010-0041", "CVE-2010-0042", "CVE-2010-0043", "CVE-2010-0055", "CVE-2010-0056", "CVE-2010-0057", "CVE-2010-0058", "CVE-2010-0059", "CVE-2010-0060", "CVE-2010-0062", "CVE-2010-0063", "CVE-2010-0064", "CVE-2010-0065", "CVE-2010-0393", "CVE-2010-0497", "CVE-2010-0498", "CVE-2010-0500", "CVE-2010-0501", "CVE-2010-0502", "CVE-2010-0503", "CVE-2010-0504", "CVE-2010-0505", "CVE-2010-0506", "CVE-2010-0507", "CVE-2010-0508", "CVE-2010-0509", "CVE-2010-0510", "CVE-2010-0511", "CVE-2010-0512", "CVE-2010-0513", "CVE-2010-0514", "CVE-2010-0515", "CVE-2010-0516", "CVE-2010-0517", "CVE-2010-0518", "CVE-2010-0519", "CVE-2010-0520", "CVE-2010-0521", "CVE-2010-0522", "CVE-2010-0523", "CVE-2010-0524", "CVE-2010-0525", "CVE-2010-0526", "CVE-2010-0533", "CVE-2010-0534", "CVE-2010-0535", "CVE-2010-0537"], "description": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities\n\nApple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping with fixes for 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 is now available and\n\naddresses the following:\n\nAppKit\n\nCVE-ID: CVE-2010-0056\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Spell checking a maliciously crafted document may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the spell checking feature\n\nused by Cocoa applications. Spell checking a maliciously crafted\n\ndocument may lead to an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nApplication Firewall\n\nCVE-ID: CVE-2009-2801\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Certain rules in the Application Firewall may become\n\ninactive after restart\n\nDescription: A timing issue in the Application Firewall may cause\n\ncertain rules to become inactive after reboot. The issue is addressed\n\nthrough improved handling of Firewall rules. This issue does not\n\naffect Mac OS X v10.6 systems. Credit to Michael Kisor of\n\nOrganicOrb.com for reporting this issue.\n\nAFP Server\n\nCVE-ID: CVE-2010-0057\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: When guest access is disabled, a remote user may be able to\n\nmount AFP shares as a guest\n\nDescription: An access control issue in AFP Server may allow a\n\nremote user to mount AFP shares as a guest, even if guest access is\n\ndisabled. This issue is addressed through improved access control\n\nchecks. Credit: Apple.\n\nAFP Server\n\nCVE-ID: CVE-2010-0533\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote user with guest access to an AFP share may access\n\nthe contents of world-readable files outside the Public share\n\nDescription: A directory traversal issue exists in the path\n\nvalidation for AFP shares. A remote user may enumerate the parent\n\ndirectory of the share root, and read or write files within that\n\ndirectory that are accessible to the \u2018nobody\u2019 user. This issue is\n\naddressed through improved handling of file paths. Credit to Patrik\n\nKarlsson of cqure.net for reporting this issue.\n\nApache\n\nCVE-ID: CVE-2009-3095\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to bypass access control\n\nrestrictions\n\nDescription: An input validation issue exists in Apache\u2019s handling\n\nof proxied FTP requests. A remote attacker with the ability to issue\n\nrequests through the proxy may be able to bypass access control\n\nrestrictions specified in the Apache configuration. This issue is\n\naddressed by updating Apache to version 2.2.14.\n\nClamAV\n\nCVE-ID: CVE-2010-0058\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: ClamAV virus definitions may not receive updates\n\nDescription: A configuration issue introduced in Security Update\n\n2009-005 prevents freshclam from running. This may prevent virus\n\ndefinitions from being updated. This issue is addressed by updating\n\nfreshclam\u2019s launchd plist ProgramArguments key values. This issue\n\ndoes not affect Mac OS X v10.6 systems. Credit to Bayard Bell, Wil\n\nShipley of Delicious Monster, and David Ferrero of Zion Software, LLC\n\nfor reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0059\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDM2 encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0060\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDMC encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreMedia\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in CoreMedia\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nCoreTypes\n\nCVE-ID: CVE-2010-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Users are not warned before opening certain potentially\n\nunsafe content types\n\nDescription: This update adds .ibplugin and .url to the system\u2019s\n\nlist of content types that will be flagged as potentially unsafe\n\nunder certain circumstances, such as when they are downloaded from a\n\nweb page. While these content types are not automatically launched,\n\nif manually opened they could lead to the execution of a malicious\n\nJavaScript payload or arbitrary code execution. This update improves\n\nthe system\u2019s ability to notify users before handling content types\n\nused by Safari. Credit to Clint Ruoho of Laconic Security for\n\nreporting this issue.\n\nCUPS\n\nCVE-ID: CVE-2010-0393\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain system privileges\n\nDescription: A format string issue exists in the lppasswd CUPS\n\nutility. This may allow a local user to obtain system privileges. Mac\n\nOS X v10.6 systems are only affected if the setuid bit has been set\n\non the binary. This issue is addressed by using default directories\n\nwhen running as a setuid process. Credit to Ronald Volgers for\n\nreporting this issue.\n\ncurl\n\nCVE-ID: CVE-2009-2417\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A man-in-the-middle attacker may be able to impersonate a\n\ntrusted server\n\nDescription: A canonicalization issue exists in curl\u2019s handling of\n\nNULL characters in the subject\u2019s Common Name (CN) field of X.509\n\ncertificates. This may lead to man-in-the-middle attacks against\n\nusers of the curl command line tool, or applications using libcurl.\n\nThis issue is addressed through improved handling of NULL characters.\n\ncurl\n\nCVE-ID: CVE-2009-0037\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Using curl with -L may allow a remote attacker to read or\n\nwrite local files\n\nDescription: curl will follow HTTP and HTTPS redirects when used\n\nwith the -L option. When curl follows a redirect, it allows file://\n\nURLs. This may allow a remote attacker to access local files. This\n\nissue is addressed through improved validation of redirects. This\n\nissue does not affect Mac OS X v10.6 systems. Credit to Daniel\n\nStenberg of Haxx AB for reporting this issue.\n\nCyrus IMAP\n\nCVE-ID: CVE-2009-2632\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A local user may be able to obtain the privileges of the\n\nCyrus user\n\nDescription: A buffer overflow exists in the handling of sieve\n\nscripts. By running a maliciously crafted sieve script, a local user\n\nmay be able to obtain the privileges of the Cyrus user. This issue is\n\naddressed through improved bounds checking. This issue does not\n\naffect Mac OS X v10.6 systems.\n\nCyrus SASL\n\nCVE-ID: CVE-2009-0688\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: An unauthenticated remote attacker may cause unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the Cyrus SASL\n\nauthentication module. Using Cyrus SASL authentication may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0064\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Items copied in the Finder may be assigned an unexpected\n\nfile owner\n\nDescription: When performing an authenticated copy in the Finder,\n\noriginal file ownership may be unexpectedly copied. This update\n\naddresses the issue by ensuring that copied files are owned by the\n\nuser performing the copy. This issue does not affect systems prior to\n\nMac OS X v10.6. Credit to Gerrit DeWitt of Auburn University (Auburn,\n\nAL) for reporting this issue.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0537\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may gain access to user data via a multi-\n\nstage attack\n\nDescription: A path resolution issue in DesktopServices is\n\nvulnerable to a multi-stage attack. A remote attacker must first\n\nentice the user to mount an arbitrarily named share, which may be\n\ndone via a URL scheme. When saving a file using the default save\n\npanel in any application, and using \u201cGo to folder\u201d or dragging\n\nfolders to the save panel, the data may be unexpectedly saved to the\n\nmalicious share. This issue is addressed through improved path\n\nresolution. This issue does not affect systems prior to Mac OS X\n\nv10.6. Credit to Sidney San Martin working with DeepTech, Inc. for\n\nreporting this issue.\n\nDisk Images\n\nCVE-ID: CVE-2010-0065\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nbzip2 compressed disk images. Mounting a maliciously crafted disk\n\nimage may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed through improved bounds\n\nchecking. Credit: Apple.\n\nDisk Images\n\nCVE-ID: CVE-2010-0497\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to\n\narbitrary code execution\n\nDescription: A design issue exists in the handling of internet\n\nenabled disk images. Mounting an internet enabled disk image\n\ncontaining a package file type will open it rather than revealing it\n\nin the Finder. This file quarantine feature helps to mitigate this\n\nissue by providing a warning dialog for unsafe file types. This issue\n\nis addressed through improved handling of package file types on\n\ninternet enabled disk images. Credit to Brian Mastenbrook working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nDirectory Services\n\nCVE-ID: CVE-2010-0498\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may obtain system privileges\n\nDescription: An authorization issue in Directory Services\u2019 handling\n\nof record names may allow a local user to obtain system privileges.\n\nThis issue is addressed through improved authorization checks.\n\nCredit: Apple.\n\nDovecot\n\nCVE-ID: CVE-2010-0535\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to send and receive mail\n\neven if the user is not on the SACL of users who are permitted to do\n\nso\n\nDescription: An access control issue exists in Dovecot when Kerberos\n\nauthentication is enabled. This may allow an authenticated user to\n\nsend and receive mail even if the user is not on the service access\n\ncontrol list (SACL) of users who are permitted to do so. This issue\n\nis addressed through improved access control checks. This issue does\n\nnot affect systems prior to Mac OS X v10.6.\n\nEvent Monitor\n\nCVE-ID: CVE-2010-0500\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may cause arbitrary systems to be added to\n\nthe firewall blacklist\n\nDescription: A reverse DNS lookup is performed on remote ssh clients\n\nthat fail to authenticate. A plist injection issue exists in the\n\nhandling of resolved DNS names. This may allow a remote attacker to\n\ncause arbitrary systems to be added to the firewall blacklist. This\n\nissue is addressed by properly escaping resolved DNS names. Credit:\n\nApple.\n\nFreeRADIUS\n\nCVE-ID: CVE-2010-0524\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may obtain access to a network via RADIUS\n\nauthentication\n\nDescription: A certificate authentication issue exists in the\n\ndefault Mac OS X configuration of the FreeRADIUS server. A remote\n\nattacker may use EAP-TLS with an arbitrary valid certificate to\n\nauthenticate and connect to a network configured to use FreeRADIUS\n\nfor authentication. This issue is addressed by disabling support for\n\nEAP-TLS in the configuration. RADIUS clients should use EAP-TTLS\n\ninstead. This issue only affects Mac OS X Server systems. Credit to\n\nChris Linstruth of Qnet for reporting this issue.\n\nFTP Server\n\nCVE-ID: CVE-2010-0501\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Users may be able to retrieve files outside the FTP root\n\ndirectory\n\nDescription: A directory traversal issue exists in FTP Server. This\n\nmay allow a user to retrieve files outside the FTP root directory.\n\nThis issue is addressed through improved handling of file names. This\n\nissue only affects Mac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2006-1329\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An implementation issue exists in jabberd\u2019s handling of\n\nSASL negotiation. A remote attacker may be able to terminate the\n\noperation of jabberd. This issue is addressed through improved\n\nhandling of SASL negotiation. This issue only affects Mac OS X Server\n\nsystems.\n\niChat Server\n\nCVE-ID: CVE-2010-0502\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Chat messages may not be logged\n\nDescription: A design issue exists in iChat Server\u2019s support for\n\nconfigurable group chat logging. iChat Server only logs messages with\n\ncertain message types. This may allow a remote user to send a message\n\nthrough the server without it being logged. The issue is addressed by\n\nremoving the capability to disable group chat logs, and logging all\n\nmessages that are sent through the server. This issue only affects\n\nMac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2010-0503\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A use-after-free issue exists in iChat Server. An\n\nauthenticated user may be able to cause an unexpected application\n\ntermination or arbitrary code execution. This issue is addressed\n\nthrough improved memory reference tracking. This issue only affects\n\nMac OS X Server systems, and does not affect versions 10.6 or later.\n\niChat Server\n\nCVE-ID: CVE-2010-0504\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: Multiple stack buffer overflow issues exist in iChat\n\nServer. An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution. These issues are\n\naddressed through improved memory management. These issues only\n\naffect Mac OS X Server systems. Credit: Apple.\n\nImageIO\n\nCVE-ID: CVE-2010-0505\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of JP2\n\nimages. Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Service, and researcher\n\n\u201c85319bb6e6ab398b334509c50afce5259d42756e\u201d working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0041\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of BMP images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of BMP images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of TIFF images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of TIFF images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0043\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Processing a maliciously crafted TIFF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nTIFF images. Processing a maliciously crafted TIFF image may lead to\n\nan unexpected application termination or arbitrary code execution.\n\nThis issue is addressed through improved memory handling. This issue\n\ndoes not affect systems prior to Mac OS X v10.6. Credit to Gus\n\nMueller of Flying Meat for reporting this issue.\n\nImage RAW\n\nCVE-ID: CVE-2010-0506\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of NEF\n\nimages. Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems. Credit: Apple.\n\nImage RAW\n\nCVE-ID: CVE-2010-0507\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of PEF\n\nimages. Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Services for reporting\n\nthis issue.\n\nLibsystem\n\nCVE-ID: CVE-2009-0689\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Applications that convert untrusted data between binary\n\nfloating point and text may be vulnerable to an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the floating point binary\n\nto text conversion code within Libsystem. An attacker who can cause\n\nan application to convert a floating point value into a long string,\n\nor to parse a maliciously crafted string as a floating point value,\n\nmay be able to cause an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. Credit to Maksymilian Arciemowicz of\n\nSecurityReason.com for reporting this issue.\n\nMail\n\nCVE-ID: CVE-2010-0508\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Rules associated with a deleted mail account remain in\n\neffect\n\nDescription: When a mail account is deleted, user-defined filter\n\nrules associated with that account remain active. This may result in\n\nunexpected actions. This issue is addressed by disabling associated\n\nrules when a mail account is deleted.\n\nMail\n\nCVE-ID: CVE-2010-0525\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mail may use a weaker encryption key for outgoing email\n\nDescription: A logic issue exists in Mail\u2019s handling of encryption\n\ncertificates. When multiple certificates for the recipient exist in\n\nthe keychain, Mail may select an encryption key that is not intended\n\nfor encipherment. This may lead to a security issue if the chosen key\n\nis weaker than expected. This issue is addressed by ensuring that the\n\nkey usage extension within certificates is evaluated when selecting a\n\nmail encryption key. Credit to Paul Suh of ps Enable, Inc. for\n\nreporting this issue.\n\nMailman\n\nCVE-ID: CVE-2008-0564\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in Mailman 2.1.9\n\nDescription: Multiple cross-site scripting issues exist in Mailman\n\n2.1.9. These issues are addressed by updating Mailman to version\n\n2.1.13. Further information is available via the Mailman site at\n\nhttp://mail.python.org/pipermail/mailman-\n\nannounce/2009-January/000128.html These issues only affect Mac OS X\n\nServer systems, and do not affect versions 10.6 or later.\n\nMySQL\n\nCVE-ID: CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019,\n\nCVE-2009-4030\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in MySQL 5.0.82\n\nDescription: MySQL is updated to version 5.0.88 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitrary code\n\nexecution. These issues only affect Mac OS X Server systems. Further\n\ninformation is available via the MySQL web site at\n\nhttp://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html\n\nOS Services\n\nCVE-ID: CVE-2010-0509\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain elevated privileges\n\nDescription: A privilege escalation issue exists in SFLServer, as it\n\nruns as group \u2018wheel\u2019 and accesses files in users\u2019 home directories.\n\nThis issue is addressed through improved privilege management. Credit\n\nto Kevin Finisterre of DigitalMunition for reporting this issue.\n\nPassword Server\n\nCVE-ID: CVE-2010-0510\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to log in with an outdated\n\npassword\n\nDescription: An implementation issue in Password Server\u2019s handling\n\nof replication may cause passwords to not be replicated. A remote\n\nattacker may be able to log in to a system using an outdated\n\npassword. This issue is addressed through improved handling of\n\npassword replication. This issue only affects Mac OS X Server\n\nsystems. Credit to Jack Johnson of Anchorage School District for\n\nreporting this issue.\n\nperl\n\nCVE-ID: CVE-2008-5302, CVE-2008-5303\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A local user may cause arbitrary files to be deleted\n\nDescription: Multiple race condition issues exist in the rmtree\n\nfunction of the perl module File::Path. A local user with write\n\naccess to a directory that is being deleted may cause arbitrary files\n\nto be removed with the privileges of the perl process. This issue is\n\naddressed through improved handling of symbolic links. This issue\n\ndoes not affect Mac OS X v10.6 systems.\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4017\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in PHP 5.3.0\n\nDescription: PHP is updated to version 5.3.1 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitary code\n\nexecution. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4142,\n\nCVE-2009-4143\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in PHP 5.2.11\n\nDescription: PHP is updated to version 5.2.12 to address multiple\n\nvulnerabilities, the most serious of which may lead to cross-site\n\nscripting. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPodcast Producer\n\nCVE-ID: CVE-2010-0511\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: An unauthorized user may be able to access a Podcast\n\nComposer workflow\n\nDescription: When a Podcast Composer workflow is overwritten, the\n\naccess restrictions are removed. This may allow an unauthorized user\n\nto access a Podcast Composer workflow. This issue is addressed\n\nthrough improved handling of workflow access restrictions. Podcast\n\nComposer was introduced in Mac OS X Server v10.6.\n\nPreferences\n\nCVE-ID: CVE-2010-0512\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A network user may be able to bypass system login\n\nrestrictions\n\nDescription: An implementation issue exists in the handling of\n\nsystem login restrictions for network accounts. If the network\n\naccounts allowed to log in to the system at the Login Window are\n\nidentified by group membership only, the restriction will not be\n\nenforced, and all network users will be allowed to log in to the\n\nsystem. The issue is addressed through improved group restriction\n\nmanagement in the Accounts preference pane. This issue only affects\n\nsystems configured to use a network account server, and does not\n\naffect systems prior to Mac OS X v10.6. Credit to Christopher D.\n\nGrieb of University of Michigan MSIS for reporting this issue.\n\nPS Normalizer\n\nCVE-ID: CVE-2010-0513\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PostScript file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A stack buffer overflow exists in the handling of\n\nPostScript files. Viewing a maliciously crafted PostScript file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of PostScript files. On Mac OS X v10.6 systems this issue\n\nis mitigated by the -fstack-protector compiler flag. Credit: Apple.\n\nQuickTime\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in QuickTime\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0514\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of H.261\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of H.261 encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0515\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption in the handling of H.264 encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of H.264\n\nencoded movie files.\n\nQuickTime\n\nCVE-ID: CVE-2010-0516\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of RLE encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of RLE encoded\n\nmovie files. Credit to an anonymous researcher working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0517\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of M-JPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of M-JPEG encoded movie files. Credit to Damian Put\n\nworking with TippingPoint\u2019s Zero Day Initiative for reporting this\n\nissue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0518\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nSorenson encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of Sorenson encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0519\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: An integer overflow exists in the handling of FlashPix\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0520\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of FLC\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of FLC encoded movie files. Credit to Moritz Jodeit of\n\nn.runs AG, working with TippingPoint\u2019s Zero Day Initiative, and\n\nNicols Joly of VUPEN Security for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0526\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted MPEG file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of MPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of MPEG encoded movie files. Credit to an anonymous\n\nresearcher working with TippingPoint\u2019s Zero Day Initiative for\n\nreporting this issue.\n\nRuby\n\nCVE-ID: CVE-2009-2422, CVE-2009-3009, CVE-2009-4214\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple issues in Ruby on Rails\n\nDescription: Multiple vulnerabilities exist in Ruby on Rails, the\n\nmost serious of which may lead to cross-site scripting. On Mac OS X\n\nv10.6 systems, these issues are addressed by updating Ruby on Rails\n\nto version 2.3.5. Mac OS X v10.5 systems are affected only by\n\nCVE-2009-4214, and this issue is addressed through improved\n\nvalidation of arguments to strip_tags.\n\nRuby\n\nCVE-ID: CVE-2009-1904\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Running a Ruby script that uses untrusted input to\n\ninitialize a BigDecimal object may lead to an unexpected application\n\ntermination\n\nDescription: A stack exhaustion issue exists in Ruby\u2019s handling of\n\nBigDecimal objects with very large values. Running a Ruby script that\n\nuses untrusted input to initialize a BigDecimal object may lead to an\n\nunexpected application termination. For Mac OS X v10.6 systems, this\n\nissue is addressed by updating Ruby to version 1.8.7-p173. For Mac OS\n\nv10.5 systems, this issue is addressed by updating Ruby to version\n\n1.8.6-p369.\n\nServer Admin\n\nCVE-ID: CVE-2010-0521\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may extract information from Open\n\nDirectory\n\nDescription: A design issue exists in the handling of authenticated\n\ndirectory binding. A remote attacker may be able to anonymously\n\nextract information from Open Directory, even if the \u201cRequire\n\nauthenticated binding between directory and clients\u201d option is\n\nenabled. The issue is addressed by removing this configuration\n\noption. This issue only affects Mac OS X Server systems. Credit to\n\nScott Gruby of Gruby Solutions, and Mathias Haack of GRAVIS\n\nComputervertriebsgesellschaft mbH for reporting this issue.\n\nServer Admin\n\nCVE-ID: CVE-2010-0522\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A former administrator may have unauthorized access to\n\nscreen sharing\n\nDescription: A user who is removed from the \u2018admin\u2019 group may still\n\nconnect to the server using screen sharing. This issue is addressed\n\nthrough improved handling of administrator privileges. This issue\n\nonly affects Mac OS X Server systems, and does not affect version\n\n10.6 or later. Credit: Apple.\n\nSMB\n\nCVE-ID: CVE-2009-2906\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An infinite loop issue exists in Samba\u2019s handling of\n\nSMB \u2018oplock\u2019 break notifications. A remote attacker may be able to\n\ntrigger an infinite loop in smbd, causing it to consume excessive CPU\n\nresources. The issue is addressed through improved handling of\n\n\u2018oplock\u2019 break notifications.\n\nTomcat\n\nCVE-ID: CVE-2009-0580, CVE-2009-0033, CVE-2009-0783, CVE-2008-5515,\n\nCVE-2009-0781, CVE-2009-2901, CVE-2009-2902, CVE-2009-2693\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in Tomcat 6.0.18\n\nDescription: Tomcat is updated to version 6.0.24 to address multiple\n\nvulnerabilities, the most serious of which may lead to a cross site\n\nscripting attack. Tomcat is only provided on Mac OS X Server systems.\n\nFurther information is available via the Tomcat site at\n\nhttp://tomcat.apache.org/\n\nunzip\n\nCVE-ID: CVE-2008-0888\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Extracting maliciously crafted zip files using the unzip\n\ncommand tool may lead to an unexpected application termination or\n\ncode execution\n\nDescription: An uninitialized pointer issue exists is the handling\n\nof zip files. Extracting maliciously crafted zip files using the\n\nunzip command tool may lead to an unexpected application termination\n\nor arbitrary code execution. This issue is addressed by performing\n\nadditional validation of zip files. This issue does not affect Mac OS\n\nX v10.6 systems.\n\nvim\n\nCVE-ID: CVE-2008-2712, CVE-2008-4101, CVE-2009-0316\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in vim 7.0\n\nDescription: Multiple vulnerabilities exist in vim 7.0, the most\n\nserious of which may lead to arbitrary code execution when working\n\nwith maliciously crafted files. These issues are addressed by\n\nupdating to vim 7.2.102. These issues do not affect Mac OS X v10.6\n\nsystems. Further information is available via the vim website at\n\nhttp://www.vim.org/\n\nWiki Server\n\nCVE-ID: CVE-2010-0523\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Uploading a maliciously crafted applet may lead to the\n\ndisclosure of sensitive information\n\nDescription: Wiki Server allows users to upload active content such\n\nas Java applets. A remote attacker may obtain sensitive information\n\nby uploading a maliciously crafted applet and directing a Wiki Server\n\nuser to view it. The issue is addressed by restricting the file types\n\nthat may be uploaded to the Wiki Server. This issue only affects Mac\n\nOS X Server systems, and does not affect versions 10.6 or later.\n\nWiki Server\n\nCVE-ID: CVE-2010-0534\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may bypass weblog creation\n\nrestrictions\n\nDescription: Wiki Server supports service access control lists\n\n(SACLs), allowing an administrator to control the publication of\n\ncontent. Wiki Server fails to consult the weblog SACL during the\n\ncreation of a user\u2019s weblog. This may allow an authenticated user to\n\npublish content to the Wiki Server, even though publication should be\n\ndisallowed by the service ACL. This issue does not affect systems\n\nprior to Mac OS X v10.6.\n\nX11\n\nCVE-ID: CVE-2009-2042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted image may lead to the\n\ndisclosure of sensitive information\n\nDescription: libpng is updated to version 1.2.37 to address an issue\n\nthat may result in the disclosure of sensitive information. Further\n\ninformation is available via the libpng site at\n\nhttp://www.libpng.org/pub/png/libpng.html\n\nX11\n\nCVE-ID: CVE-2003-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Displaying maliciously crafted data within an xterm terminal\n\nmay lead to arbitrary code execution\n\nDescription: The xterm program supports a command sequence to change\n\nthe window title, and to print the window title to the terminal. The\n\ninformation returned is provided to the terminal as though it were\n\nkeyboard input from the user. Within an xterm terminal, displaying\n\nmaliciously crafted data containing such sequences may result in\n\ncommand injection. The issue is addressed by disabling the affected\n\ncommand sequence.\n\nxar\n\nCVE-ID: CVE-2010-0055\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A modified package may appear as validly signed\n\nDescription: A design issue exists in xar when validating a package\n\nsignature. This may allow a modified package to appear as validly\n\nsigned. This issue is fixed through improved package signature\n\nvalidation. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 may be obtained from\n\nthe Software Update pane in System Preferences, or Apple\u2019s Software\n\nDownloads web site:\n\nhttp://www.apple.com/support/downloads/\n\n[](<https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/>)Apple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nIn some scenarios, a malicious hacker could take complete control of a Mac-powered machine if a user simply views a malicious image or movie file.\n\nThe update covers critical vulnerabilities in AppKit, QuickTime,CoreMedia, CoreTypes, DiskImages, ImageIO and Image RAW.\n\nIt also covers holes in several open-source components, including Apache, ClamAV, MySQL, PHP.\n\nHere\u2019s [the full list](<http://support.apple.com/kb/HT4077>) of the patched vulnerabilities. \n\nThe Security Update 2010-002 / Mac OS X v10.6.3 may be obtained from the Software Update pane in System Preferences, or [Apple\u2019s Software Downloads](<site:http://www.apple.com/support/downloads/>) web page.\n", "modified": "2013-04-17T16:37:25", "published": "2010-03-29T17:15:44", "id": "THREATPOST:4F867C686B7E31697E158FBD04A5DD35", "href": "https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/73753/", "type": "threatpost", "title": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
