93 matches found
Ubuntu Update for perl USN-1129-1
Ubuntu Update for Linux kernel vulnerabilities USN-1129-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11291.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for perl USN-1129-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
USN-1129-1: Perl vulnerabilities
It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. An attacker could use this flaw to bypass intended restrictions and possibly execute arbitrary code. CVE-2010-1168, CVE-2010-1447 It was discovered that the CGI.pm Perl module...
[SECURITY] Fedora 13 Update: perl-CGI-Simple-1.113-1.fc13
Simple totally OO CGI interface that is CGI.pm compliant...
FreeBSD : bugzilla -- multiple serious vulnerabilities (c8c927e5-2891-11e0-8f26-00151735203a)
A Bugzilla Security Advisory reports : This advisory covers three security issues that have recently been fixed in the Bugzilla code : - A weakness in Bugzilla could allow a user to gain unauthorized access to another Bugzilla account. - A weakness in the Perl CGI.pm module allows injecting HTTP...
bugzilla -- multiple serious vulnerabilities
A Bugzilla Security Advisory reports: This advisory covers three security issues that have recently been fixed in the Bugzilla code: A weakness in Bugzilla could allow a user to gain unauthorized access to another Bugzilla account. A weakness in the Perl CGI.pm module allows injecting HTTP header...
Mandriva Update for perl-CGI MDVSA-2011:008 (perl-CGI)
Check for the Version of perl-CGI OpenVAS Vulnerability Test Mandriva Update for perl-CGI MDVSA-2011:008 perl-CGI Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Design/Logic Flaw
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
CVE-2010-4411
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761...
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
CVE-2010-4410
CGI.pm (before 3.50) and CGI::Simple (1.112 and earlier) expose a CRLF injection in the header function that allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via non-whitespace characters that follow newline characters. This is a separate issue from CVE...
CVE-2010-4411
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
CVE-2010-2761
CVE-2010-2761 affects CGI.pm (before 3.50) and CGI::Simple (CGI::Simple 1.112 and earlier). The multipart_init function uses a hardcoded MIME boundary in multipart/x-mixed-replace, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via crafted input. Re...
CVE-2010-4411
CVE-2010-4411 affects CGI.pm (and CGI::Simple) up to version 3.50 and earlier, allowing remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unknown vectors. The description notes this issue exists because of an incomplete fix for CVE-2010-2761, linking the tw...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
CVE-2010-4411
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761...
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...