Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201204-08 (DBD-Pg)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71318

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201204-08 (DBD-Pg)

Resumen: The remote host is missing updates announced in;advisory GLSA 201204-08.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201204-08.

Vulnerability Insight:
Two format string vulnerabilities have been found in the Perl
DBD-Pg module, allowing a remote PostgreSQL servers to execute
arbitrary
code.

Solution:
All users of the Perl DBD-Pg module should upgrade to the latest
version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-perl/DBD-Pg-2.19.0'

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1151
48307
http://secunia.com/advisories/48307
48319
http://secunia.com/advisories/48319
48824
http://secunia.com/advisories/48824
DSA-2431
http://www.debian.org/security/2012/dsa-2431
GLSA-201204-08
http://security.gentoo.org/glsa/glsa-201204-08.xml
MDVSA-2012:112
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
RHSA-2012:1116
http://rhn.redhat.com/errata/RHSA-2012-1116.html
[oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
http://www.openwall.com/lists/oss-security/2012/03/09/6
[oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
http://www.openwall.com/lists/oss-security/2012/03/10/4
dbdpg-dbdstprepare-format-string(73855)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73855
dbdpg-pgwarn-format-string(73854)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73854
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes
https://bugzilla.redhat.com/show_bug.cgi?id=801733
https://rt.cpan.org/Public/Bug/Display.html?id=75642

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71318
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201204-08 (DBD-Pg)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201204-08.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201204-08. Vulnerability Insight: Two format string vulnerabilities have been found in the Perl DBD-Pg module, allowing a remote PostgreSQL servers to execute arbitrary code. Solution: All users of the Perl DBD-Pg module should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-perl/DBD-Pg-2.19.0' CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1151 48307 http://secunia.com/advisories/48307 48319 http://secunia.com/advisories/48319 48824 http://secunia.com/advisories/48824 DSA-2431 http://www.debian.org/security/2012/dsa-2431 GLSA-201204-08 http://security.gentoo.org/glsa/glsa-201204-08.xml MDVSA-2012:112 http://www.mandriva.com/security/advisories?name=MDVSA-2012:112 RHSA-2012:1116 http://rhn.redhat.com/errata/RHSA-2012-1116.html [oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws http://www.openwall.com/lists/oss-security/2012/03/09/6 [oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws http://www.openwall.com/lists/oss-security/2012/03/10/4 dbdpg-dbdstprepare-format-string(73855) https://exchange.xforce.ibmcloud.com/vulnerabilities/73855 dbdpg-pgwarn-format-string(73854) https://exchange.xforce.ibmcloud.com/vulnerabilities/73854 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536 http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes https://bugzilla.redhat.com/show_bug.cgi?id=801733 https://rt.cpan.org/Public/Bug/Display.html?id=75642
Copyright	Copyright (C) 2012 E-Soft Inc.