Lucene search
Debian Security Advisory DSA 034-1 (ePerl)
🗓️ 17 Jan 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 17 Views
Debian Security Advisory DSA 034-1 (ePerl) buffer overflow bugs in ePerl version 2.2.14-0.7potato2 fixed. Upgrade eperl package immediately
Show more
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
| Debian Security Advisory DSA 034-1 (ePerl) | 17 Jan 200800:00 | – | openvas |
 | CVE-2001-0458 | 27 Jun 200104:00 | – | cve |
 | CVE-2001-0458 | 24 May 200104:00 | – | cvelist |
 | local and remote compromise in eperl | 27 Mar 200116:00 | – | suse |
 | Debian DSA-034-1 : ePerl - remote root exploit | 29 Sep 200400:00 | – | nessus |
| Mandrake Linux Security Advisory : eperl (MDKSA-2001:027) | 6 Sep 201200:00 | – | nessus |
 | CVE-2001-0458 | 27 Jun 200104:00 | – | nvd |
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53796");
script_cve_id("CVE-2001-0458");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 14:24:38 +0100 (Thu, 17 Jan 2008)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian Security Advisory DSA 034-1 (ePerl)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB2\.2");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20034-1");
script_tag(name:"insight", value:"Fumitoshi Ukai and Denis Barbier have found several potential buffer
overflow bugs in our version of ePerl as distributed in all of our
distributions.
When eperl is installed setuid root, it can switch to the UID/GID of
the scripts owner. Although Debian doesn't ship the program setuid
root, this is a useful feature which people may have activated
locally. When the program is used as /usr/lib/cgi-bin/nph-eperl the
bugs could lead into a remote vulnerability as well.
Version 2.2.14-0.7potato2 fixes this.
We recommend you upgrade your eperl package immediately.");
script_tag(name:"summary", value:"The remote host is missing an update to ePerl
announced via advisory DSA 034-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"eperl", ver:"2.2.14-0.7potato2", rls:"DEB2.2")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo17 Jan 2008 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS27.5
EPSS0.01717