11 matches found
Mageia: Security Advisory (MGASA-2024-0127)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated perl-HTTP-Body packages fix security vulnerability
HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module for Perl uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume...
openSUSE Security Update : perl-HTTP-Body (openSUSE-SU-2014:0433-1)
perl-HTTP-Body was updated to 1.19 and also received a security fix for a potential remote code injection when upload files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-247...
[SECURITY] [DSA 2801-1] libhttp-body-perl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2801-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 21, 2013 http://www.debian.org/security/faq -...
Mandriva Linux Security Advisory : perl-HTTP-Body (MDVSA-2013:282)
Updated perl-HTTP-Body package fixes security vulnerability : Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to...
CVE-2013-4407
HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...
CVE-2013-4407
CVE-2013-4407 affects Perl’s HTTP::Body::Multipart in the HTTP-Body module. Vulnerable: Perl HTTP-Body versions 1.07–1.22 (before 1.23) where the code uses the part of the uploaded file name after the first dot as the suffix of a temporary file, which may be misinterpreted by downstream logic tha...
CVE-2013-4407
HTTP::Body::Multipart in the HTTP-Body module for Perl 1.07 through 1.22, before 1.23 uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may...
Updated perl-HTTP-Body packages fix CVE-2013-4407
Updated perl-HTTP-Body package fixes security vulnerability: Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to...
[SECURITY] [DSA 2801-1] libhttp-body-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2801-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 21, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2801-1] libhttp-body-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2801-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 21, 2013 http://www.debian.org/security/faq -...