Test Kennung:	1.3.6.1.4.1.25623.1.0.122354
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2010-0458)
Zusammenfassung:	The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2010-0458 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2010-0458 advisory. Vulnerability Insight: [4:5.8.8-32.el5.1] - third version of patch fix change of behaviour of rmtree for common user - Resolves: rhbz#597203 [4:5.8.8-32.el5] - rhbz#595416 change documentation of File::Path - Related: rhbz#591167 [4:5.8.8-31.el5] - remove previous fix - Related: rhbz#591167 [4:5.8.8-30.el5] - change config to file on Util.so - Related: rhbz#594406 [4:5.8.8-29.el5] - CVE-2008-5302 - use latest patch without Cwd module - 507378 because of our paths we need to overload old Util.so in case customer installed Scalar::Util from cpan. In this case we marked new Util.so as .rpmnew. - Related: rhbz#591167 - Resolves: rhbz#594406 [4:5.8.8-28.el5] - CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1 - CVE-2010-1168 perl Safe: Intended restriction bypass via object references - CVE-2010-1447 Safe 2.26 and earlier: Intended restriction bypass via Perl object references in code executed outside safe compartment - Related: rhbz#591167 Affected Software/OS: 'perl' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5302 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html Bugtraq: 20090120 rPSA-2009-0011-1 perl (Google Search) http://www.securityfocus.com/archive/1/500210/100/0/threaded Debian Security Information: DSA-1678 (Google Search) http://www.debian.org/security/2008/dsa-1678 http://www.mandriva.com/security/advisories?name=MDVSA-2010:116 http://www.gossamer-threads.com/lists/perl/porters/233695#233695 http://www.openwall.com/lists/oss-security/2008/11/28/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6890 http://www.redhat.com/support/errata/RHSA-2010-0458.html http://secunia.com/advisories/32980 http://secunia.com/advisories/33314 http://secunia.com/advisories/40052 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.ubuntu.com/usn/usn-700-1 http://www.ubuntu.com/usn/usn-700-2 XForce ISS Database: perl-filepath-symlink(47043) https://exchange.xforce.ibmcloud.com/vulnerabilities/47043 Common Vulnerability Exposure (CVE) ID: CVE-2008-5303 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6680 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9699 XForce ISS Database: filepath-rmtree-symlink(47044) https://exchange.xforce.ibmcloud.com/vulnerabilities/47044 Common Vulnerability Exposure (CVE) ID: CVE-2010-1168 1024062 http://securitytracker.com/id?1024062 40049 http://secunia.com/advisories/40049 40052 42402 http://secunia.com/advisories/42402 ADV-2010-3075 http://www.vupen.com/english/advisories/2010/3075 MDVSA-2010:115 http://www.mandriva.com/security/advisories?name=MDVSA-2010:115 MDVSA-2010:116 RHSA-2010:0457 http://www.redhat.com/support/errata/RHSA-2010-0457.html RHSA-2010:0458 [oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request http://www.openwall.com/lists/oss-security/2010/05/20/5 http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 https://bugzilla.redhat.com/show_bug.cgi?id=576508 oval:org.mitre.oval:def:7424 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7424 oval:org.mitre.oval:def:9807 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9807 Common Vulnerability Exposure (CVE) ID: CVE-2010-1447 1023988 http://www.securitytracker.com/id?1023988 39845 http://secunia.com/advisories/39845 40305 http://www.securityfocus.com/bid/40305 64756 http://osvdb.org/64756 ADV-2010-1167 http://www.vupen.com/english/advisories/2010/1167 DSA-2267 http://www.debian.org/security/2011/dsa-2267 http://security-tracker.debian.org/tracker/CVE-2010-1447 http://www.postgresql.org/about/news.1203 https://bugs.launchpad.net/bugs/cve/2010-1447 https://bugzilla.redhat.com/show_bug.cgi?id=588269 oval:org.mitre.oval:def:11530 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530 oval:org.mitre.oval:def:7320 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.