Mandriva Linux Security Advisory : perl-Module-Signature (MDVSA-2015:207)

Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey : Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying...

Fedora 20 : perl-Module-Signature-0.78-1.fc20 / perl-Test-Signature-1.11-1.fc20 (2015-5840)

This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a 'skip' parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior ...

Fedora Update for perl-Module-Signature FEDORA-2015-5840

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for perl-Module-Signature FEDORA-2015-5833

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated perl-Module-Signature packages fix security vulnerabilities

Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey: Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying t...

MGASA-2015-0160 Updated perl-Module-Signature packages fix security vulnerabilities

Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey: Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying t...

DEBIAN-CVE-2014-9130

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML aka YAML-XS module for Perl, allows context-dependent attackers to cause a denial of service assertion failure and crash via vectors involving line-wrapping...

CVE-2014-9130

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML aka YAML-XS module for Perl, allows context-dependent attackers to cause a denial of service assertion failure and crash via vectors involving line-wrapping...

UBUNTU-CVE-2014-9130

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML aka YAML-XS module for Perl, allows context-dependent attackers to cause a denial of service assertion failure and crash via vectors involving line-wrapping...

CVE-2014-9130

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML aka YAML-XS module for Perl, allows context-dependent attackers to cause a denial of service assertion failure and crash via vectors involving line-wrapping...

DEBIAN-CVE-2013-7329

The CGI::Application module before 4.5050 and 4.5051 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information web queries and environment details via vectors related to the dumphtml function...

USN-2292-1 liblwp-protocol-https-perl vulnerability

It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could possibly be exploited i...

'Compress::Raw::Zlib' Perl Module - Remote Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35307/info The 'Compress::Raw::Zlib' Perl module is prone to a remote code-execution vulnerability. Successful exploits may allow remote attackers to execute arbitrary code or cause denial-of-service conditions in...

Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC

No description provided by source. !usr/bin/perl -w Buffer overflow in the snprintvalue function in snmpget in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large OCTETSTRING in a...

SmbClientParser 2.7 Perl Module Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30290/info The SmbClientParser Perl module is prone to a remote command-execution vulnerability because it fails to sufficiently sanitize user-supplied data. Successfully exploiting this issue will allow an attacker to...

Convert-UUlib 1.04/1.05 Perl Module Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13401/info Convert-UUlib Perl module is prone to a remotely exploitable buffer-overflow vulnerability. A remote attacker may leverage this condition to overwrite sensitive program control variables and thus gain control o...

NitroSecurity ESM 8.4.0a - Remote Code Execution

No description provided by source. -- Product description: NitroView ESM is an enterprise-class security information and event management system that identifies, correlates, and remediates threats faster than any other SIEM on the market. -- Problem Description: During research it was found that...

libemail-address-perl security update

Package : libemail-address-perl Version : 1.889-2+deb6u1 CVE ID : CVE-2014-0477 Bastian Blank reported a denial of service vulnerability in Email::Address, a Perl module for RFC 2822 address parsing and creation. Email::Address::parse used significant time on parsing empty quoted strings. A remot...

libemail-address-perl security update

Package : libemail-address-perl Version : 1.889-2+deb6u1 CVE ID : CVE-2014-0477 Bastian Blank reported a denial of service vulnerability in Email::Address, a Perl module for RFC 2822 address parsing and creation. Email::Address::parse used significant time on parsing empty quoted strings. A remot...

DLA-0011-1 libemail-address-perl - security update

Bulletin has no description...