 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2021.0048 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2021-0048) |
| Zusammenfassung: | The remote host is missing an update for the 'perl-DBI' package(s) announced via the MGASA-2021-0048 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'perl-DBI' package(s) announced via the MGASA-2021-0048 advisory. Vulnerability Insight: An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference. (CVE-2019-20919). An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability. (CVE-2020-14392). A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data. (CVE-2020-14393). Affected Software/OS: 'perl-DBI' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 3.6 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-20919 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR/ https://github.com/perl5-dbi/dbi/commit/eca7d7c8f43d96f6277e86d1000e842eb4cc67ff https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643-... https://lists.debian.org/debian-lts-announce/2020/09/msg00026.html SuSE Security Announcement: openSUSE-SU-2020:1620 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00012.html SuSE Security Announcement: openSUSE-SU-2020:1628 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00013.html https://usn.ubuntu.com/4534-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-14392 https://bugzilla.redhat.com/show_bug.cgi?id=1877402 https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643 SuSE Security Announcement: openSUSE-SU-2020:1483 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00067.html SuSE Security Announcement: openSUSE-SU-2020:1502 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00074.html https://usn.ubuntu.com/4503-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-14393 https://bugzilla.redhat.com/show_bug.cgi?id=1877409 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |