Lucene search
RootSSV:12086HistoryAug 21, 2009 - 12:00 a.m.
Perl Compress::Raw::Bzip2模块单字节溢出漏洞
2009-08-2100:00:00
Root
www.seebug.org
12
0.003 Low
EPSS
Percentile
65.5%
CVE(CAN) ID: CVE-2009-1884
Compress::Raw::Zlib2是Perl中使用的一个模块,提供了到zlib2压缩库的低层接口。
Compress-Raw-Bzip2模块的Bzip2.xs中的bzinflate函数存在单字节堆溢出漏洞。如果用户处理了特制的bzip2压缩流,就可以触发这个溢出,导致使用该模块的应用程序崩溃或挂起。
CPAN Compress::Raw::Bzip2 2.x
厂商补丁:
CPAN
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://bugs.gentoo.org/attachment.cgi?id=201642&action=view
Related
openvas
openvas
Fedora Core 10 FEDORA-2009-8888 (perl-Compress-Raw-Bzip2)
2009-09-02 00:00:00
Fedora Core 11 FEDORA-2009-8868 (perl-Compress-Raw-Bzip2)
2009-09-02 00:00:00
debiancve
debiancve
CVE-2009-1884
2009-08-19 17:30:00
cve
cve
CVE-2009-1884
2009-08-19 17:30:00
nessus
nessus
Fedora 10 : perl-Compress-Raw-Bzip2-2.020-1.fc10 (2009-8888)
2009-08-24 00:00:00
GLSA-200908-07 : Perl Compress::Raw modules: Denial of Service
2009-08-20 00:00:00
Mandriva Linux Security Advisory : perl-Compress-Raw-Bzip2 (MDVSA-2009:207)
2010-07-30 00:00:00
prion
prion
Buffer overflow
2009-08-19 17:30:00
securityvulns
securityvulns
[ MDVSA-2009:207 ] perl-Compress-Raw-Bzip2
2009-08-20 00:00:00
perl DoS
2009-08-20 00:00:00
gentoo
gentoo
Perl Compress::Raw modules: Denial of service
2009-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: perl-Compress-Raw-Bzip2-2.020-1.fc10
2009-08-22 01:07:02
[SECURITY] Fedora 11 Update: perl-Compress-Raw-Bzip2-2.020-1.fc11
2009-08-22 01:02:45
ubuntucve
ubuntucve
CVE-2009-1884
2009-08-19 00:00:00