12 matches found
RHEL 3 : perl-libwww-perl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-libwww-perl: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2253 Note that Nessu...
RHEL 4 : perl-libwww-perl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-libwww-perl: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2253 -...
Gentoo Security Advisory GLSA 201402-04
Gentoo Linux Local Security Checks GLSA 201402-04 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Fedora Update for perl-libwww-perl FEDORA-2010-15405
Check for the Version of perl-libwww-perl OpenVAS Vulnerability Test Fedora Update for perl-libwww-perl FEDORA-2010-15405 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for perl-libwww-perl FEDORA-2010-15532
Check for the Version of perl-libwww-perl OpenVAS Vulnerability Test Fedora Update for perl-libwww-perl FEDORA-2010-15532 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora 14 : perl-libwww-perl-5.837-2.fc14 (2010-15405)
Fix broken package dependencies CVE-2010-2253 lwp-download now needs the -s option to honor the Content-Disposition header CVE-2010-2253 lwp-download now needs the -s option to honor the Content-Disposition header Note that Tenable Network Security has extracted the preceding description block...
Fedora 13 : perl-libwww-perl-5.837-2.fc13 (2010-15532)
Fix broken package dependencies CVE-2010-2253 lwp-download now needs the -s option to honor the Content-Disposition header CVE-2010-2253 lwp-download now needs the -s option to honor the Content-Disposition header Note that Tenable Network Security has extracted the preceding description block...
FreeBSD Ports: p5-libwww
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Mandriva Update for perl-libwww-perl MDVSA-2010:167 (perl-libwww-perl)
Check for the Version of perl-libwww-perl OpenVAS Vulnerability Test Mandriva Update for perl-libwww-perl MDVSA-2010:167 perl-libwww-perl Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...
CVE-2010-2253
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . dot character, which allows remote servers to create or overwrite files via 1 a 3xx redirect to a URL with a crafted filename or 2 a Content-Disposition header that suggests a crafted filename, and...
CVE-2010-2253
CVE-2010-2253 affects libwww-perl’s lwp-download in versions before 5.835. A crafted filename via 3xx redirects or Content-Disposition can cause remote servers to create/overwrite dotfiles (e.g., in a home directory), potentially leading to arbitrary code execution. Affected component: lwp-downlo...
CVE-2010-2253
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . dot character, which allows remote servers to create or overwrite files via 1 a 3xx redirect to a URL with a crafted filename or 2 a Content-Disposition header that suggests a crafted filename, and...