Red Hat Local Security Checks : RedHat Security Advisory RHSA-2012:1116

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71437

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2012:1116

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory RHSA-2012:1116.

Perl DBI is a database access Application Programming Interface (API) for
the Perl language. perl-DBD-Pg allows Perl applications to access
PostgreSQL database servers.

Two format string flaws were found in perl-DBD-Pg. A specially-crafted
database warning or error message from a server could cause an application
using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the
privileges of the user running the application. (CVE-2012-1151)

All users of perl-DBD-Pg are advised to upgrade to this updated package,
which contains a backported patch to fix these issues. Applications using
perl-DBD-Pg must be restarted for the update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2012-1116.html

Risk factor : Medium

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1151
48307
http://secunia.com/advisories/48307
48319
http://secunia.com/advisories/48319
48824
http://secunia.com/advisories/48824
DSA-2431
http://www.debian.org/security/2012/dsa-2431
GLSA-201204-08
http://security.gentoo.org/glsa/glsa-201204-08.xml
MDVSA-2012:112
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
RHSA-2012:1116
http://rhn.redhat.com/errata/RHSA-2012-1116.html
[oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
http://www.openwall.com/lists/oss-security/2012/03/09/6
[oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
http://www.openwall.com/lists/oss-security/2012/03/10/4
dbdpg-dbdstprepare-format-string(73855)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73855
dbdpg-pgwarn-format-string(73854)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73854
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes
https://bugzilla.redhat.com/show_bug.cgi?id=801733
https://rt.cpan.org/Public/Bug/Display.html?id=75642

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71437
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2012:1116
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2012:1116. Perl DBI is a database access Application Programming Interface (API) for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-1151) All users of perl-DBD-Pg are advised to upgrade to this updated package, which contains a backported patch to fix these issues. Applications using perl-DBD-Pg must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2012-1116.html Risk factor : Medium
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1151 48307 http://secunia.com/advisories/48307 48319 http://secunia.com/advisories/48319 48824 http://secunia.com/advisories/48824 DSA-2431 http://www.debian.org/security/2012/dsa-2431 GLSA-201204-08 http://security.gentoo.org/glsa/glsa-201204-08.xml MDVSA-2012:112 http://www.mandriva.com/security/advisories?name=MDVSA-2012:112 RHSA-2012:1116 http://rhn.redhat.com/errata/RHSA-2012-1116.html [oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws http://www.openwall.com/lists/oss-security/2012/03/09/6 [oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws http://www.openwall.com/lists/oss-security/2012/03/10/4 dbdpg-dbdstprepare-format-string(73855) https://exchange.xforce.ibmcloud.com/vulnerabilities/73855 dbdpg-pgwarn-format-string(73854) https://exchange.xforce.ibmcloud.com/vulnerabilities/73854 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536 http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes https://bugzilla.redhat.com/show_bug.cgi?id=801733 https://rt.cpan.org/Public/Bug/Display.html?id=75642
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com