ID de Prueba:	1.3.6.1.4.1.25623.1.0.831309
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for perl-CGI MDVSA-2011:008 (perl-CGI)
Resumen:	The remote host is missing an update for the 'perl-CGI'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'perl-CGI' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in perl-CGI: Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761 (CVE-2010-4411). Packages for 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been upgraded to the latest version (3.51) which is not affected by this issue and in turn also brings many bugfixes. Affected Software/OS: perl-CGI on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2761 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:237 http://www.mandriva.com/security/advisories?name=MDVSA-2010:250 https://bugzilla.mozilla.org/show_bug.cgi?id=600464 http://openwall.com/lists/oss-security/2010/12/01/1 http://openwall.com/lists/oss-security/2010/12/01/2 http://openwall.com/lists/oss-security/2010/12/01/3 http://osvdb.org/69588 http://osvdb.org/69589 http://www.redhat.com/support/errata/RHSA-2011-1797.html http://secunia.com/advisories/42877 http://secunia.com/advisories/43033 http://secunia.com/advisories/43068 http://secunia.com/advisories/43147 http://secunia.com/advisories/43165 SuSE Security Announcement: SUSE-SR:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0207 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0249 http://www.vupen.com/english/advisories/2011/0271 Common Vulnerability Exposure (CVE) ID: CVE-2010-4411 http://www.mandriva.com/security/advisories?name=MDVSA-2011:008 http://www.vupen.com/english/advisories/2011/0106
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.