13 matches found
Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (July 2017 CPU) (httpoxy)
The version of Oracle Enterprise Manager Grid Control installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the Bouncy Castle Java library due to improper validation of a point within the elliptic curve. An...
openSUSE Security Update : perl (openSUSE-2016-386)
This update for perl fixes the following issues : - CVE-2016-2381: Fixed environment duplicated variable handling bug boo967082 - fix memory leak in 'use utf8' handling boo928292 - CVE-2015-8607: Fixed taint propagation in canonpath boo961528 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...
Fedora 23 : perl-PathTools-3.60-2.fc23 (2016-69e506e02d)
This release fixes CVE-2015-8607 losing taint flag in File::Spec::canonpath subroutine. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
Fedora 22 : perl-PathTools-3.47-312.fc22 (2016-4ca904238f)
This release fixes CVE-2015-8607 losing taint flag in File::Spec::canonpath subroutine. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
Mageia: Security Advisory (MGASA-2016-0027)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated perl and perl-PathTools packages fix security vulnerability
It was reported that File::Spec::canonpath routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code CVE-2015-8607...
Fedora Update for perl-PathTools FEDORA-2016-69
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-8607
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...
CVE-2015-8607
CVE-2015-8607 affects the Perl PathTools package, specifically the File::Spec::canonpath() function. The taint propagation bug can cause tainted input to be treated as untainted, potentially allowing unvalidated user data to reach sensitive code paths. The issue is observed in Perl environments u...
Debian DSA-3441-1 : perl - security update
David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...
[SECURITY] [DSA 3441-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3441-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3441-1 (perl - security update)
David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...