Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-0558)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122164

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2011-0558)

Resumen: The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2011-0558 advisory.

Descripción: Summary:
The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2011-0558 advisory.

Vulnerability Insight:
[5.10.1-119]
- 692862 - lc launders tainted flag, CVE-2011-1487
- make SOURCE1 executable, because it missed +x in brew
- Resolves: rhbz#692862

[5.10.1-118]
- Correct perl-5.10.1-rt77352.patch
- Related: rhbz#640720

[5.10.1-117]
- 671352 CGI-3.51 security update
- Resolves: rhbz#671352

[5.10.1-116]
- require Digest::SHA 640716
- remove removal of NDBM 640729
- remove unsupported option fork from prove's documentation 609492
- Thread destructor leaks 640720
- update threads to 1.82 (bugfixes releases) 626330
- remove unused patches from cvs
- Resolves: rhbz#640729, rhbz#640716, rhbz#609492, rhbz#640720, rhbz#626330

Affected Software/OS:
'perl' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2761
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:237
http://www.mandriva.com/security/advisories?name=MDVSA-2010:250
https://bugzilla.mozilla.org/show_bug.cgi?id=600464
http://openwall.com/lists/oss-security/2010/12/01/1
http://openwall.com/lists/oss-security/2010/12/01/2
http://openwall.com/lists/oss-security/2010/12/01/3
http://osvdb.org/69588
http://osvdb.org/69589
http://www.redhat.com/support/errata/RHSA-2011-1797.html
http://secunia.com/advisories/42877
http://secunia.com/advisories/43033
http://secunia.com/advisories/43068
http://secunia.com/advisories/43147
http://secunia.com/advisories/43165
SuSE Security Announcement: SUSE-SR:2011:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
SuSE Security Announcement: SUSE-SR:2011:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0207
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0249
http://www.vupen.com/english/advisories/2011/0271
Common Vulnerability Exposure (CVE) ID: CVE-2010-4410
BugTraq ID: 44199
http://www.securityfocus.com/bid/44199
BugTraq ID: 45145
http://www.securityfocus.com/bid/45145
http://www.mandriva.com/security/advisories?name=MDVSA-2010:252
http://www.vupen.com/english/advisories/2010/3230
Common Vulnerability Exposure (CVE) ID: CVE-2011-1487
43921
http://secunia.com/advisories/43921
44168
http://secunia.com/advisories/44168
47124
http://www.securityfocus.com/bid/47124
DSA-2265
http://www.debian.org/security/2011/dsa-2265
FEDORA-2011-4610
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html
FEDORA-2011-4631
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html
MDVSA-2011:091
http://www.mandriva.com/security/advisories?name=MDVSA-2011:091
SUSE-SR:2011:009
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
[oss-security] 20110401 CVE Request -- perl -- lc(), uc() routines are laundering tainted data
http://openwall.com/lists/oss-security/2011/04/01/3
[oss-security] 20110404 Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted data
http://openwall.com/lists/oss-security/2011/04/04/35
http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99
http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336
https://bugzilla.redhat.com/show_bug.cgi?id=692844
https://bugzilla.redhat.com/show_bug.cgi?id=692898
perl-laundering-security-bypass(66528)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66528

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122164
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-0558)
Resumen:	The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2011-0558 advisory.
Descripción:	Summary: The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2011-0558 advisory. Vulnerability Insight: [5.10.1-119] - 692862 - lc launders tainted flag, CVE-2011-1487 - make SOURCE1 executable, because it missed +x in brew - Resolves: rhbz#692862 [5.10.1-118] - Correct perl-5.10.1-rt77352.patch - Related: rhbz#640720 [5.10.1-117] - 671352 CGI-3.51 security update - Resolves: rhbz#671352 [5.10.1-116] - require Digest::SHA 640716 - remove removal of NDBM 640729 - remove unsupported option fork from prove's documentation 609492 - Thread destructor leaks 640720 - update threads to 1.82 (bugfixes releases) 626330 - remove unused patches from cvs - Resolves: rhbz#640729, rhbz#640716, rhbz#609492, rhbz#640720, rhbz#626330 Affected Software/OS: 'perl' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2761 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:237 http://www.mandriva.com/security/advisories?name=MDVSA-2010:250 https://bugzilla.mozilla.org/show_bug.cgi?id=600464 http://openwall.com/lists/oss-security/2010/12/01/1 http://openwall.com/lists/oss-security/2010/12/01/2 http://openwall.com/lists/oss-security/2010/12/01/3 http://osvdb.org/69588 http://osvdb.org/69589 http://www.redhat.com/support/errata/RHSA-2011-1797.html http://secunia.com/advisories/42877 http://secunia.com/advisories/43033 http://secunia.com/advisories/43068 http://secunia.com/advisories/43147 http://secunia.com/advisories/43165 SuSE Security Announcement: SUSE-SR:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0207 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0249 http://www.vupen.com/english/advisories/2011/0271 Common Vulnerability Exposure (CVE) ID: CVE-2010-4410 BugTraq ID: 44199 http://www.securityfocus.com/bid/44199 BugTraq ID: 45145 http://www.securityfocus.com/bid/45145 http://www.mandriva.com/security/advisories?name=MDVSA-2010:252 http://www.vupen.com/english/advisories/2010/3230 Common Vulnerability Exposure (CVE) ID: CVE-2011-1487 43921 http://secunia.com/advisories/43921 44168 http://secunia.com/advisories/44168 47124 http://www.securityfocus.com/bid/47124 DSA-2265 http://www.debian.org/security/2011/dsa-2265 FEDORA-2011-4610 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057891.html FEDORA-2011-4631 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057971.html MDVSA-2011:091 http://www.mandriva.com/security/advisories?name=MDVSA-2011:091 SUSE-SR:2011:009 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html [oss-security] 20110401 CVE Request -- perl -- lc(), uc() routines are laundering tainted data http://openwall.com/lists/oss-security/2011/04/01/3 [oss-security] 20110404 Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted data http://openwall.com/lists/oss-security/2011/04/04/35 http://perl5.git.perl.org/perl.git/commit/539689e74a3bcb04d29e4cd9396de91a81045b99 http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336 https://bugzilla.redhat.com/show_bug.cgi?id=692844 https://bugzilla.redhat.com/show_bug.cgi?id=692898 perl-laundering-security-bypass(66528) https://exchange.xforce.ibmcloud.com/vulnerabilities/66528
Copyright	Copyright (C) 2015 Greenbone AG