14 matches found
EUVD-2016-5733
Malware in sbrugna...
Apple OS X Perl Security Bypass Vulnerability
Apple OS X is a dedicated operating system developed by Apple for Mac computers. Perl is a free and powerful cross-platform programming language developed by American programmer Larry Wall. A security bypass vulnerability exists in Perl in Apple OS X versions prior to 10.12, which can be exploited ...
CVE-2016-4748
Perl in Apple OS X before 10.12 allows local users to bypass the taint-mode protection mechanism via a crafted environment variable...
CVE-2016-4748
Perl in Apple OS X before 10.12 allows local users to bypass the taint-mode protection mechanism via a crafted environment variable...
CVE-2016-4748
CVE-2016-4748 describes a local privilege bypass in Perl on macOS/OS X before 10.12, where taint-mode protection can be bypassed via a crafted environment variable. The vulnerability affects Perl within macOS/OS X and is documented in Apple’s security content for macOS Sierra 10.12. The connected ...
openSUSE Security Update : perl (openSUSE-2016-1086)
This update for Perl fixes the following issues: - CVE-2016-6185: XSLoader looking at a 'eval' directory. bsc988311 - CVE-2016-1238: Searching current directory for optional modules. bsc987887 - CVE-2015-8853: Regular expression engine hanging on bad utf8. bsc - CVE-2016-2381: Environment dup...
openSUSE Security Update : perl (openSUSE-SU-2011:0479-1)
This update fixes a bug in perl that makes spamassassin crash and does not allow bypassing taint mode by using lc or uc anymore. - CVE-2010-4777: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P - CVE-2011-1487: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N: Permissions, Privileges, and...
RedHat Update for perl RHSA-2011:0558-01
The remote host is missing an update for the ...
SuSE 10 Security Update : Perl (ZYPP Patch Number 7507)
This update fixes a bug in perl that allowed bypassing taint mode by using lc or uc. CVE-2011-1487: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N: Permissions, Privileges, and Access Control. CWE-264 ...
RHEL 6 : perl (RHSA-2011:0558)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0558 advisory. Perl is a high-level programming language commonly used for system administration utilities and web programming. The Perl CGI module provide...
Moderate: Red Hat Security Advisory: perl security and bug fix update
Updated perl packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Perl 5.x - lc() uc() TAINT Mode Protection Security Bypass
Perl 5.x - lc() uc() TAINT Mode Protection Security Bypass (source: https://www.securityfocus.com/bid/47124/info). Perl is prone to a security-bypass weakness that occurs when laundering tainted input. Attackers can leverage this issue to bypass security checks in perl applications that rely on TAINT mo...
Perl programs providing user-controlled I/O format strings may contain format string vulnerabilities
Overview: Programs written in Perl may contain many of the same types of format string vulnerabilities as programs written in C. Description: Perl is a programming language used in many applications and commonly used for web applications. It provides many of the same functions for formatted I/O as ...
activeperl.516.dos.txt
Date: Mon, 31 May 1999 07:16:53 -0700 From: Michael Smith To: [email protected] Subject: ActiveState Security Advisory Problem -------- PerlScript and Perl-ISAPI that come with ActivePerl 516 and earlier versions, inadequately check the length of path information sent to open. Due ...