Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:23000
HistoryDec 29, 2009 - 12:00 a.m.

[ MDVSA-2009:344 ] perl-DBD-Pg

2009-12-2900:00:00
vulners.com
47
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2009:344
http://www.mandriva.com/security/

Package : perl-DBD-Pg
Date : December 28, 2009
Affected: 2008.0

Problem Description:

Multiple vulnerabilities was discovered and corrected in perl-DBD-Pg:

Heap-based buffer overflow in the DBD::Pg module for Perl might allow
context-dependent attackers to execute arbitrary code via unspecified
input to an application that uses the getline and pg_getline functions
to read database rows.

Memory leak in the dequote_bytea function in quote.c in the DBD::Pg
(aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows
context-dependent attackers to cause a denial of service (memory
consumption) by fetching data with BYTEA columns (CVE-2009-1341).

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.

This update provides a fix for these vulnerabilities.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341

Updated Packages:

Mandriva Linux 2008.0:
be2421eff6d4387621d1a9c2fb0cf553 2008.0/i586/perl-DBD-Pg-1.49-2.1mdv2008.0.i586.rpm
02653121d648cd28a3f6d0da998ee210 2008.0/SRPMS/perl-DBD-Pg-1.49-2.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
5f1b67d426cedecd1a16aff009282a9a 2008.0/x86_64/perl-DBD-Pg-1.49-2.1mdv2008.0.x86_64.rpm
02653121d648cd28a3f6d0da998ee210 2008.0/SRPMS/perl-DBD-Pg-1.49-2.1mdv2008.0.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLOMUzmqjQ0CJFipgRAk7GAKCnBIUblxVDM6cYyhnTmNePQrfC8QCgqyNy
ZUOi0+H3xSlS/QpHljbyZaQ=
=7+yD
-----END PGP SIGNATURE-----

Related

openvas 17
nessus 7
oraclelinux 1
securityvulns 1
debian 1
osv 1
redhat 2
centos 1
veracode 2
debiancve 2
cve 2
ubuntucve 2
prion 2
seebug 2
openvas
openvas
CentOS Security Advisory CESA-2009:0479 (perl-DBD-Pg)
2009-05-20 00:00:00
CentOS Security Advisory CESA-2009:0479 (perl-DBD-Pg)
2009-05-20 00:00:00
CentOS Update for perl-DBD-Pg CESA-2009:0479 centos5 i386
2011-08-09 00:00:00
nessus
nessus
Debian DSA-1780-1 : libdbd-pg-perl - several vulnerabilities
2009-04-29 00:00:00
CentOS 5 : perl-DBD-Pg (CESA-2009:0479)
2010-01-06 00:00:00
openSUSE 10 Security Update : perl-DBD-Pg (perl-DBD-Pg-6227)
2009-06-17 00:00:00
oraclelinux
oraclelinux
perl-DBD-Pg security update
2009-05-13 00:00:00
securityvulns
securityvulns
Perl DBD::Pg module buffer overflow
2009-12-29 00:00:00
debian
debian
[SECURITY] [DSA 1780-1] New libdbd-pg-perl packages fix potential code execution
2009-04-28 18:34:37
osv
osv
libdbd-pg-perl - potential code execution
2009-04-28 00:00:00
redhat
redhat
(RHSA-2009:0479) Moderate: perl-DBD-Pg security update
2009-05-13 00:00:00
(RHSA-2009:1067) Moderate: Red Hat Application Stack v2.3 security and enhancement update
2009-05-26 00:00:00
centos
centos
perl security update
2009-05-19 15:03:40
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:32:28
Arbitrary Code Execution
2020-04-10 00:32:26
debiancve
debiancve
CVE-2009-1341
2009-04-30 20:30:00
CVE-2009-0663
2009-04-30 20:30:00
cve
cve
CVE-2009-1341
2009-04-30 20:30:00
CVE-2009-0663
2009-04-30 20:30:00
ubuntucve
ubuntucve
CVE-2009-1341
2009-04-30 00:00:00
CVE-2009-0663
2009-04-30 00:00:00
prion
prion
Heap overflow
2009-04-30 20:30:00
Memory corruption
2009-04-30 20:30:00
seebug
seebug
DBD::Pg BYTEA值内存泄漏拒绝服务漏洞
2009-04-30 00:00:00
DBD::Pg 'pg_getline()'和'getline()'堆缓冲区溢出漏洞
2009-04-30 00:00:00
JSON
Related for SECURITYVULNS:DOC:23000
openvas17nessus7oraclelinux1securityvulns1debian1osv1redhat2centos1veracode2debiancve2cve2ubuntucve2prion2seebug2