Test Kennung:	1.3.6.1.4.1.25623.1.0.831309
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Update for perl-CGI MDVSA-2011:008 (perl-CGI)
Zusammenfassung:	The remote host is missing an update for the 'perl-CGI'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'perl-CGI' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in perl-CGI: Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761 (CVE-2010-4411). Packages for 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been upgraded to the latest version (3.51) which is not affected by this issue and in turn also brings many bugfixes. Affected Software/OS: perl-CGI on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2761 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:237 http://www.mandriva.com/security/advisories?name=MDVSA-2010:250 https://bugzilla.mozilla.org/show_bug.cgi?id=600464 http://openwall.com/lists/oss-security/2010/12/01/1 http://openwall.com/lists/oss-security/2010/12/01/2 http://openwall.com/lists/oss-security/2010/12/01/3 http://osvdb.org/69588 http://osvdb.org/69589 http://www.redhat.com/support/errata/RHSA-2011-1797.html http://secunia.com/advisories/42877 http://secunia.com/advisories/43033 http://secunia.com/advisories/43068 http://secunia.com/advisories/43147 http://secunia.com/advisories/43165 SuSE Security Announcement: SUSE-SR:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0207 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0249 http://www.vupen.com/english/advisories/2011/0271 Common Vulnerability Exposure (CVE) ID: CVE-2010-4411 http://www.mandriva.com/security/advisories?name=MDVSA-2011:008 http://www.vupen.com/english/advisories/2011/0106
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.