118 matches found
CVE-2013-2145
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...
Design/Logic Flaw
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...
CVE-2013-2145
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...
CVE-2013-2145
The CVE-2013-2145 issue affects the Perl Module::Signature (cpansign verify) prior to version 0.72. A specially crafted SIGNATURE file containing a “special unknown cipher” can cause Digest/ references to be loaded via an untrusted path, allowing arbitrary code execution when cpansign -verify run...
Fedora 17 : perl-Module-Signature-0.73-1.fc17 (2013-10415)
This update ensures that digest modules are only loaded from absolute paths in @INC, avoiding a potential arbitrary code execution problem CVE-2013-2145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Fedora 19 : perl-Module-Signature-0.73-1.fc19 (2013-10354)
This update ensures that digest modules are only loaded from absolute paths in @INC, avoiding a potential arbitrary code execution problem CVE-2013-2145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Fedora 18 : perl-Module-Signature-0.73-1.fc18 (2013-10430)
This update ensures that digest modules are only loaded from absolute paths in @INC, avoiding a potential arbitrary code execution problem CVE-2013-2145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
perl Module::Signature privilege escalation
Relative path is used to execute external application...
[USN-1896-1] Module::Signature perl module vulnerability
========================================================================== Ubuntu Security Notice USN-1896-1 July 03, 2013 libmodule-signature-perl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
USN-1896-1: Module::Signature perl module vulnerability
Florian Weimer discovered that the Module::Signature perl module incorrectly loaded unknown ciphers from relative directories. An attacker could possibly use this flaw to execute arbitrary code when a signature is verified...
Mandriva Linux Security Advisory : perl-Module-Signature (MDVSA-2013:185)
Updated perl-Module-Signature package fixes CVE-2013-2145 Arbitrary code execution vulnerability in Module::Signature before 0.72 CVE-2013-2145. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux Security...
MGASA-2013-0184 Updated perl-Module-Signature package fixes CVE-2013-2145
Arbitrary code execution vulnerability in Module::Signature before 0.72 CVE-2013-2145...
Updated perl-Module-Signature package fixes CVE-2013-2145
Arbitrary code execution vulnerability in Module::Signature before 0.72 CVE-2013-2145...
Fedora Update for perl-Module-Signature FEDORA-2013-10430
Check for the Version of perl-Module-Signature OpenVAS Vulnerability Test Fedora Update for perl-Module-Signature FEDORA-2013-10430 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for perl-Module-Signature FEDORA-2013-10430
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for perl-Module-Signature FEDORA-2013-10415
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for perl-Module-Signature FEDORA-2013-10415
Check for the Version of perl-Module-Signature OpenVAS Vulnerability Test Fedora Update for perl-Module-Signature FEDORA-2013-10415 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
CVE-2013-2145
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...