Active Perl Modules Multiple Vulnerabilities (Windows)

The host is installed with Active Perl and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbactiveperlmodulesmultvulnwin.nasl 6115 2017-05-12 09:03:25Z teissa $ Active Perl Modules Multiple Vulnerabilities Windows Authors: Arun Kallavi Copyright: Copyright c 2012 Greenbone...

CVE-2011-2728

CVE-2011-2728 affects the File::Glob module in Perl prior to 5.14.2. An attacker can trigger a denial-of-service (crash) by using a glob expression with the GLOB_ALTDIRFUNC flag, causing an uninitialized pointer dereference. The vulnerability is documented in multiple sources linked to Perl relea...

Perl "decode_xs()"和"File::Glob::bsd_glob()"远程代码执行漏洞

BUGTRAQ ID: 49858 CVE ID: CVE-2011-2728,CVE-2011-2939 Perl是一种高级、通用、直译式、动态的程序语言。 Perl的"decodexs"和"File::Glob::bsdglob"函数在实现上存在远程代码执行漏洞，远程攻击者可利用此漏洞执行任意代码。 1）在处理GLOBALTDIRFUNC旗标时，"File::Glob::bsdglob"函数中存在的错误可被利用造成非法访问和执行任意代码。 2）Encode中的"decodexs"函数中的错误可通过特制输入造成堆缓冲区溢出。 Perl 5.14.1 厂商补丁： Perl ----...