Lucene search
Mandriva Update for perl MDVSA-2013:005 (perl)
🗓️ 31 Jan 2013 00:00:00Reported by Copyright (C) 2013 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 23 Views
The remote host is missing an update for the 'perl' package(s) announced via the referenced advisory. A vulnerability has been found and corrected in perl: Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator (CVE-2012-5195). The updated packages have been patched to correct this issue
Show more
| Reporter | Title | Published | Views | Family All 61 |
|---|---|---|---|---|
| Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows) | 23 Jan 201300:00 | – | openvas |
| Strawberry Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows) | 23 Jan 201300:00 | – | openvas |
| Strawberry Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability - Windows | 23 Jan 201300:00 | – | openvas |
| Mandriva Update for perl MDVSA-2013:005 (perl) | 31 Jan 201300:00 | – | openvas |
| Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability - Windows | 23 Jan 201300:00 | – | openvas |
| Debian Security Advisory DSA 2586-1 (perl - several vulnerabilities) | 18 Sep 201300:00 | – | openvas |
| Debian: Security Advisory (DSA-2586-1) | 18 Sep 201300:00 | – | openvas |
| Ubuntu Update for perl USN-1643-1 | 4 Dec 201200:00 | – | openvas |
| CentOS Update for perl CESA-2013:0685 centos5 | 28 Mar 201300:00 | – | openvas |
| Ubuntu: Security Advisory (USN-1643-1) | 4 Dec 201200:00 | – | openvas |
10
| Source | Link |
|---|---|
| mandriva | www.mandriva.com/en/support/security/advisories/ |
# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2013:005");
script_oid("1.3.6.1.4.1.25623.1.0.831763");
script_version("2023-07-14T16:09:26+0000");
script_tag(name:"last_modification", value:"2023-07-14 16:09:26 +0000 (Fri, 14 Jul 2023)");
script_tag(name:"creation_date", value:"2013-01-31 09:26:07 +0530 (Thu, 31 Jan 2013)");
script_cve_id("CVE-2012-5195");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_xref(name:"MDVSA", value:"2013:005");
script_name("Mandriva Update for perl MDVSA-2013:005 (perl)");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"summary", value:"The remote host is missing an update for the 'perl'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_tag(name:"qod_type", value:"package");
script_copyright("Copyright (C) 2013 Greenbone AG");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(2011\.0|mes5\.2)");
script_tag(name:"affected", value:"perl on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_tag(name:"insight", value:"A vulnerability has been found and corrected in perl:
Heap-based buffer overflow in the Perl_repeatcpy function in util.c
in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before
15.15.5 allows context-dependent attackers to cause a denial of service
(memory consumption and crash) or possibly execute arbitrary code
via the & 'x' string repeat operator (CVE-2012-5195).
The updated packages have been patched to correct this issue.");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "MNDK_2011.0")
{
if ((res = isrpmvuln(pkg:"perl", rpm:"perl~5.12.3~8.2", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perl-base", rpm:"perl-base~5.12.3~8.2", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perl-devel", rpm:"perl-devel~5.12.3~8.2", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perl-doc", rpm:"perl-doc~5.12.3~8.2", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
if(release == "MNDK_mes5.2")
{
if ((res = isrpmvuln(pkg:"perl", rpm:"perl~5.10.0~25.5mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perl-base", rpm:"perl-base~5.10.0~25.5mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perl-devel", rpm:"perl-devel~5.10.0~25.5mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perl-doc", rpm:"perl-doc~5.10.0~25.5mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perl-suid", rpm:"perl-suid~5.10.0~25.5mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo31 Jan 2013 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS27.5
EPSS0.01745