28 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrar...
RHEL 7 : perl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl: segmentation fault in Sregmatch on negative backreference CVE-2013-7422 - perl: XSLoader loads...
Debian: Security Advisory (DLA-565-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2246-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2263-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : perl (EulerOS-SA-2020-1527)
According to the versions of the perl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which mig...
EulerOS Virtualization 3.0.2.2 : perl (EulerOS-SA-2020-1476)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-depende...
EulerOS 2.0 SP5 : perl (EulerOS-SA-2020-1122)
According to the version of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execu...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2020-1122)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3625-2: Perl vulnerabilities
USN-3625-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a...
USN-3625-1: Perl vulnerabilities
It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8853 It was discovered that Perl incorrectly loaded libraries from th...
Perl 'XSLoader Method' Code Execution Vulnerability - Windows
Perl is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:perl:perl"; ifdescription...
openSUSE Security Update : perl (openSUSE-2016-1086)
This update for Perl fixes the following issues : - CVE-2016-6185: Xsloader looking at a 'eval' directory. bsc988311 - CVE-2016-1238: Searching current directory for optional modules. bsc987887 - CVE-2015-8853: Regular expression engine hanging on bad utf8. bsc - CVE-2016-2381: Environment dup...
Updated perl-XSLoader packages fix security vulnerability
An arbitrary code execution can be achieved if loading code from untrusted current working directory despite the '.' is removed from @INC. Vulnerability is in XSLoader that uses caller information to locate .so file to load. If malicious attacker creates directory named eval 1 with malicious bina...
SUSE SLED12 / SLES12 Security Update : perl (SUSE-SU-2016:2263-1)
This update for Perl fixes the following issues : - CVE-2016-6185: Xsloader looking at a 'eval' directory. bsc988311 - CVE-2016-1238: Searching current directory for optional modules. bsc987887 - CVE-2015-8853: Regular expression engine hanging on bad utf8. bsc - CVE-2016-2381: Environment dup...
SUSE SLES11 Security Update : perl (SUSE-SU-2016:2246-1)
This update for perl fixes the following issues : - CVE-2016-6185: xsloader looking at a 'eval' directory bsc988311 - CVE-2016-1238: searching current directory for optional modules bsc987887 - CVE-2015-8853: regex engine hanging on bad utf8 bnc976584 - CVE-2016-2381: environment dup handling bug...
CVE-2016-6185
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
CVE-2016-6185
The CVE-2016-6185 issue involves Perl’s XSLoader::load potentially locating and loading a shared library from an incorrect location when called from a string eval, enabling arbitrary code execution by a local attacker via a Trojan horse library in the current working directory. Public reports (De...
Debian: Security Advisory (DSA-3628-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for perl FEDORA-2016-742bde2be7
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...