Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:116 (perl)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.67559

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2010:116 (perl)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to perl
announced via advisory MDVSA-2010:116.

Multiple vulnerabilities has been discovered and corrected in Path.pm
and Safe.pm which could lead to escalated privilegies (CVE-2008-5302,
CVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages
have been patched to correct these issues.

Affected: 2008.0, 2010.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:116

Risk factor : Critical

CVSS Score:
8.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5302
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Bugtraq: 20090120 rPSA-2009-0011-1 perl (Google Search)
http://www.securityfocus.com/archive/1/500210/100/0/threaded
Debian Security Information: DSA-1678 (Google Search)
http://www.debian.org/security/2008/dsa-1678
http://www.mandriva.com/security/advisories?name=MDVSA-2010:116
http://www.gossamer-threads.com/lists/perl/porters/233695#233695
http://www.openwall.com/lists/oss-security/2008/11/28/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6890
http://www.redhat.com/support/errata/RHSA-2010-0458.html
http://secunia.com/advisories/32980
http://secunia.com/advisories/33314
http://secunia.com/advisories/40052
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://www.ubuntu.com/usn/usn-700-1
http://www.ubuntu.com/usn/usn-700-2
XForce ISS Database: perl-filepath-symlink(47043)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47043
Common Vulnerability Exposure (CVE) ID: CVE-2008-5303
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6680
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9699
XForce ISS Database: filepath-rmtree-symlink(47044)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47044
Common Vulnerability Exposure (CVE) ID: CVE-2010-1168
1024062
http://securitytracker.com/id?1024062
40049
http://secunia.com/advisories/40049
40052
42402
http://secunia.com/advisories/42402
ADV-2010-3075
http://www.vupen.com/english/advisories/2010/3075
MDVSA-2010:115
http://www.mandriva.com/security/advisories?name=MDVSA-2010:115
MDVSA-2010:116
RHSA-2010:0457
http://www.redhat.com/support/errata/RHSA-2010-0457.html
RHSA-2010:0458
[oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request
http://www.openwall.com/lists/oss-security/2010/05/20/5
http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html
http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in
http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
https://bugzilla.redhat.com/show_bug.cgi?id=576508
oval:org.mitre.oval:def:7424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7424
oval:org.mitre.oval:def:9807
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9807
Common Vulnerability Exposure (CVE) ID: CVE-2010-1447
1023988
http://www.securitytracker.com/id?1023988
39845
http://secunia.com/advisories/39845
40305
http://www.securityfocus.com/bid/40305
64756
http://osvdb.org/64756
ADV-2010-1167
http://www.vupen.com/english/advisories/2010/1167
DSA-2267
http://www.debian.org/security/2011/dsa-2267
http://security-tracker.debian.org/tracker/CVE-2010-1447
http://www.postgresql.org/about/news.1203
https://bugs.launchpad.net/bugs/cve/2010-1447
https://bugzilla.redhat.com/show_bug.cgi?id=588269
oval:org.mitre.oval:def:11530
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530
oval:org.mitre.oval:def:7320
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.67559
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:116 (perl)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to perl announced via advisory MDVSA-2010:116. Multiple vulnerabilities has been discovered and corrected in Path.pm and Safe.pm which could lead to escalated privilegies (CVE-2008-5302, CVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages have been patched to correct these issues. Affected: 2008.0, 2010.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:116 Risk factor : Critical CVSS Score: 8.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5302 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html Bugtraq: 20090120 rPSA-2009-0011-1 perl (Google Search) http://www.securityfocus.com/archive/1/500210/100/0/threaded Debian Security Information: DSA-1678 (Google Search) http://www.debian.org/security/2008/dsa-1678 http://www.mandriva.com/security/advisories?name=MDVSA-2010:116 http://www.gossamer-threads.com/lists/perl/porters/233695#233695 http://www.openwall.com/lists/oss-security/2008/11/28/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6890 http://www.redhat.com/support/errata/RHSA-2010-0458.html http://secunia.com/advisories/32980 http://secunia.com/advisories/33314 http://secunia.com/advisories/40052 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.ubuntu.com/usn/usn-700-1 http://www.ubuntu.com/usn/usn-700-2 XForce ISS Database: perl-filepath-symlink(47043) https://exchange.xforce.ibmcloud.com/vulnerabilities/47043 Common Vulnerability Exposure (CVE) ID: CVE-2008-5303 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6680 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9699 XForce ISS Database: filepath-rmtree-symlink(47044) https://exchange.xforce.ibmcloud.com/vulnerabilities/47044 Common Vulnerability Exposure (CVE) ID: CVE-2010-1168 1024062 http://securitytracker.com/id?1024062 40049 http://secunia.com/advisories/40049 40052 42402 http://secunia.com/advisories/42402 ADV-2010-3075 http://www.vupen.com/english/advisories/2010/3075 MDVSA-2010:115 http://www.mandriva.com/security/advisories?name=MDVSA-2010:115 MDVSA-2010:116 RHSA-2010:0457 http://www.redhat.com/support/errata/RHSA-2010-0457.html RHSA-2010:0458 [oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request http://www.openwall.com/lists/oss-security/2010/05/20/5 http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 https://bugzilla.redhat.com/show_bug.cgi?id=576508 oval:org.mitre.oval:def:7424 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7424 oval:org.mitre.oval:def:9807 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9807 Common Vulnerability Exposure (CVE) ID: CVE-2010-1447 1023988 http://www.securitytracker.com/id?1023988 39845 http://secunia.com/advisories/39845 40305 http://www.securityfocus.com/bid/40305 64756 http://osvdb.org/64756 ADV-2010-1167 http://www.vupen.com/english/advisories/2010/1167 DSA-2267 http://www.debian.org/security/2011/dsa-2267 http://security-tracker.debian.org/tracker/CVE-2010-1447 http://www.postgresql.org/about/news.1203 https://bugs.launchpad.net/bugs/cve/2010-1447 https://bugzilla.redhat.com/show_bug.cgi?id=588269 oval:org.mitre.oval:def:11530 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530 oval:org.mitre.oval:def:7320 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com