18 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files. CVE-2015-340...
RHEL 7 : perl-module-signature (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-Module-Signature: unsigned files interpreted as signed in some circumstances CVE-2015-3406 -...
Debian: Security Advisory (DLA-264-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : perl-Module-Signature (openSUSE-2016-61)
This update to perl-Module-Signature 0.79 fixes the following security issues : - More protection of @INC from relative paths. CVE-2015-3409 - Fix GPG signature parsing logic. CVE-2015-3406 - MANIFEST.SKIP is no longer consulted unless --skip is given. CVE-2015-3407 - Properly use open modes to...
Debian DLA-264-1 : libmodule-signature-perl security update
John Lightsey discovered multiple vulnerabilities in Module::Signature, a Perl module to manipulate CPAN SIGNATURE files. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2015-3406 Module::Signature could parse the unsigned portion of the SIGNATURE file as...
[SECURITY] [DLA 264-1] libmodule-signature-perl security update
Package : libmodule-signature-perl Version : 0.63-1+squeeze2 CVE ID : CVE-2015-3406 CVE-2015-3407 CVE-2015-3408 CVE-2015-3409 Debian Bug : 783451 John Lightsey discovered multiple vulnerabilities in Module::Signature, a Perl module to manipulate CPAN SIGNATURE files. The Common Vulnerabilities an...
DLA-264-1 libmodule-signature-perl - security update
Bulletin has no description...
Ubuntu: Security Advisory (USN-2607-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3261-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 20, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3261-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 20, 2015 http://www.debian.org/security/faq -...
CVE-2015-3407
Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files...
CVE-2015-3407
Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files...
CVE-2015-3407
Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files...
CVE-2015-3407
CVE-2015-3407 affects Module::Signature for Perl; root cause is improper handling that allows bypassing signature verification when a SIGNATURE file omits listed files. The issue is widely referenced in multiple advisories and is addressed by upgrading Module::Signature to a fixed version (e.g., ...
Debian DSA-3261-1 : libmodule-signature-perl - security update
Multiple vulnerabilities were discovered in libmodule-signature-perl, a Perl module to manipulate CPAN SIGNATURE files. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-3406 John Lightsey discovered that Module::Signature could parse the unsigned...
Debian Security Advisory DSA 3261-1 (libmodule-signature-perl - security update)
Multiple vulnerabilities were discovered in libmodule-signature-perl, a Perl module to manipulate CPAN SIGNATURE files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-3406 John Lightsey discovered that Module::Signature could parse the unsigned portio...
USN-2607-1: Module::Signature vulnerabilities
John Lightsey discovered that Module::Signature incorrectly handled PGP signature boundaries. A remote attacker could use this issue to trick Module::Signature into parsing the unsigned portion of the SIGNATURE file as the signed portion. CVE-2015-3406 John Lightsey discovered that...
[USN-2607-1] Module::Signature vulnerabilities
========================================================================== Ubuntu Security Notice USN-2607-1 May 12, 2015 libmodule-signature-perl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...