36 matches found
Solaris 10 (sparc) : 146769-01
SunOS 5.10: CVE-2010-1168 - Safe.pm 2.24 a. Date this patch was last updated by Sun : Mar/30/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Solaris 10 (x86) : 146773-01
SunOS 5.10x86: CVE-2010-1168 - Safe.pm 2.. Date this patch was last updated by Sun : Mar/30/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Oracle Linux 5 : perl (ELSA-2010-0458)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0458 advisory. - CVE-2008-5302 - use latest patch without Cwd module - CVE-2008-5302 perl: File::Path rmtree race condition CVE-2005-0448 reintroduced after upstream...
Scientific Linux Security Update : perl on SL3.x, SL4.x i386/x86_64
Perl is a high-level programming language commonly used for system administration utilities and web programming. The Safe extension module allows users to compile and execute Perl code in restricted compartments. The Safe module did not properly restrict the code of implicitly called methods such...
Scientific Linux Security Update : perl on SL5.x i386/x86_64
Perl is a high-level programming language commonly used for system administration utilities and web programming. The Safe extension module allows users to compile and execute Perl code in restricted compartments. The File::Path module allows users to create and remove directory trees. The Safe...
CentOS Update for perl CESA-2010:0458 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Ubuntu: Security Advisory (USN-1129-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1129-1: Perl vulnerabilities
It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. An attacker could use this flaw to bypass intended restrictions and possibly execute arbitrary code. CVE-2010-1168, CVE-2010-1447 It was discovered that the CGI.pm Perl module...
Fedora Update for perl FEDORA-2011-4918
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Solaris 10 (sparc) : 146769-01
SunOS 5.10: CVE-2010-1168 - Safe.pm 2.24 a. Date this patch was last updated by Sun : Mar/30/11 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2012/01/30. C Tenable Network Security, Inc. if !...
SuSE 11 / 11.1 Security Update : Perl (SAT Patch Numbers 2833 / 2834)
perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution CVE-2010-1447 / CVE-2010-1168. This update fixes this problem. It also fixes the following bugs : - fix tell cornercase bnc596167 - fix regex memory leak bnc557636 - also run h2ph on...
SuSE 10 Security Update : Perl (ZYPP Patch Number 7108)
perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution CVE-2010-1447 / CVE-2010-1168. This update fixes this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
VMSA-2010-0013 : VMware ESX third-party updates for Service Console
a. Service Console update for cpio The service console package cpio is updated to version 2.5-6.RHEL3 for ESX 3.x versions and updated to version 2.6-23.el54.1 for ESX 4.x versions. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2005-4268 and CVE-2010-06...
SuSE9 Security Update : Perl (YOU Patch Number 12628)
perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution CVE-2010-1447, CVE-2010-1168. This update fixes this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
openSUSE Security Update : perl (openSUSE-SU-2010:0519-1)
perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution. CVE-2010-1447 , CVE-2010-1168 This update fixes this problem. Also the following bugs were fixed : - fix tell cornercase bnc596167 - fix regex memory leak bnc557636 - also run h2ph on...
openSUSE Security Update : perl (openSUSE-SU-2010:0518-1)
perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution. CVE-2010-1447 , CVE-2010-1168 This update fixes this problem. Also following non-security bugs were fixed : - fix tell cornercase bnc596167 - fix regex memory leak bnc557636 - do not add...
Fedora Update for perl FEDORA-2010-11323
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 13 : perl-5.10.1-116.fc13 (2010-11323)
CVE-2010-1168 perl Safe: Intended restriction bypass via object references CVE-2010-1447 perl: Safe restriction bypass when reference to subroutine in compartment is called from outside Perl leaked memory with ENV. Note that Tenable Network Security has extracted the preceding description block...
CVE-2010-1168
The Safe aka Safe.pm module before 2.25 for Perl allows context-dependent attackers to bypass intended 1 Safe::reval and 2 Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the a...
CVE-2010-1168
CVE-2010-1168 affects the Safe (Safe.pm) module in Perl. It allows context-dependent bypass of Safe::reval and Safe::rdo restrictions via implicitly called methods (DESTROY, AUTOLOAD) on implicitly blessed objects, enabling arbitrary code execution. Mitigation in the referenced advisories upgrade...