
Test ID: 1.3.6.1.4.1.25623.1.0.56038
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2005:881
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2005:881.

Perl is a high-level programming language commonly used for system
administration utilities and Web programming.

An integer overflow bug was found in Perl's format string processor. It is
possible for an attacker to cause perl to crash or execute arbitrary code
if the attacker is able to process a malicious format string. This issue
is only exploitable through a script which passes arbitrary untrusted
strings to the format string processor. The Common Vulnerabilities and
Exposures project assigned the name CVE-2005-3962 to this issue.

Paul Szabo discovered a bug in the way Perl's File::Path::rmtree module
removed directory trees. If a local user has write permissions to a
subdirectory within the tree being removed by File::Path::rmtree, it is
possible for them to create setuid binary files. (CVE-2005-0448)

Solar Designer discovered several temporary file bugs in various Perl
modules. A local attacker could overwrite or create files as the user
running a Perl script that uses a vulnerable module. (CVE-2004-0976)

Users of Perl are advised to upgrade to these updated packages, which
contain backported patches to correct these issues as well as fixes for
several bugs.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-881.html

Risk factor : Medium

CVSS Score:
4.6

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2004-0976
BugTraq ID: 11294
http://www.securityfocus.com/bid/11294
Debian Security Information: DSA-620
http://www.debian.org/security/2004/dsa-620
http://fedoranews.org/updates/FEDORA--.shtml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:031
http://marc.info/?l=bugtraq&m=110547693019788&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9752
http://www.redhat.com/support/errata/RHSA-2005-881.html
http://secunia.com/advisories/17661
http://secunia.com/advisories/18075
http://www.trustix.org/errata/2004/0050
XForce ISS Database: script-temporary-file-overwrite(17583)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
Common Vulnerability Exposure (CVE) ID: CVE-2005-0448
BugTraq ID: 12767
http://www.securityfocus.com/bid/12767
Conectiva Linux advisory: CLSA-2006:1056
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056
Debian Security Information: DSA-696
http://www.debian.org/security/2005/dsa-696
http://www.gentoo.org/security/en/glsa/glsa-200501-38.xml
HP Security Advisory: HPSBUX01208
http://www.securityfocus.com/advisories/8704
HP Security Advisory: SSRT5938
http://www.mandriva.com/security/advisories?name=MDKSA-2005:079
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10475
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A728
http://www.redhat.com/support/errata/RHSA-2005-674.html
http://secunia.com/advisories/14531
http://secunia.com/advisories/17079
http://secunia.com/advisories/18517
http://secunia.com/advisories/55314
SGI Security Advisory: 20060101-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
https://usn.ubuntu.com/94-1/
Common Vulnerability Exposure (CVE) ID: CVE-2005-3962
102192
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1
15629
http://www.securityfocus.com/bid/15629
17762
http://secunia.com/advisories/17762
17802
http://secunia.com/advisories/17802
17844
http://secunia.com/advisories/17844
17941
http://secunia.com/advisories/17941
17952
http://secunia.com/advisories/17952
17993
http://secunia.com/advisories/17993
18075
18183
http://secunia.com/advisories/18183
18187
http://secunia.com/advisories/18187
18295
http://secunia.com/advisories/18295
18413
http://secunia.com/advisories/18413
18517
19041
http://secunia.com/advisories/19041
20051201 Perl format string integer wrap vulnerability
http://marc.info/?l=full-disclosure&m=113342788118630&w=2
http://www.securityfocus.com/archive/1/418333/100/0/threaded
20060101-01-U
20894
http://secunia.com/advisories/20894
21345
http://www.osvdb.org/21345
22255
http://www.osvdb.org/22255
23155
http://secunia.com/advisories/23155
31208
http://secunia.com/advisories/31208
ADV-2005-2688
http://www.vupen.com/english/advisories/2005/2688
ADV-2006-0771
http://www.vupen.com/english/advisories/2006/0771
ADV-2006-2613
http://www.vupen.com/english/advisories/2006/2613
ADV-2006-4750
http://www.vupen.com/english/advisories/2006/4750
APPLE-SA-2006-11-28
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
CLSA-2006:1056
DSA-943
http://www.debian.org/security/2006/dsa-943
FLSA-2006:176731
https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html
GLSA-200512-01
http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml
HPSBTU02125
http://www.securityfocus.com/archive/1/438726/100/0/threaded
MDKSA-2005:225
http://www.mandriva.com/security/advisories?name=MDKSA-2005:225
OpenPKG-SA-2005.025
http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html
RHSA-2005:880
http://www.redhat.com/support/errata/RHSA-2005-880.html
RHSA-2005:881
SSRT061105
SUSE-SA:2005:071
http://www.novell.com/linux/security/advisories/2005_71_perl.html
SUSE-SR:2005:029
http://www.novell.com/linux/security/advisories/2005_29_sr.html
TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
TSLSA-2005-0070
http://www.trustix.org/errata/2005/0070
USN-222-1
https://usn.ubuntu.com/222-1/
VU#948385
http://www.kb.cert.org/vuls/id/948385
[3.7] 20060105 007: SECURITY FIX: January 5, 2006
http://www.openbsd.org/errata37.html#perl
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch
http://docs.info.apple.com/article.html?artnum=304829
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www.dyadsecurity.com/perl-0002.html
http://www.ipcop.org/index.php?name=News&file=article&sid=41
oval:org.mitre.oval:def:10598
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10598
oval:org.mitre.oval:def:1074
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1074
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com
