Mandrake Local Security Checks : Mandriva Update for perl-DBD-Pg MDVSA-2012:112 (perl-DBD-Pg)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.831706

Categoría: Mandrake Local Security Checks

Título: Mandriva Update for perl-DBD-Pg MDVSA-2012:112 (perl-DBD-Pg)

Resumen: The remote host is missing an update for the 'perl-DBD-Pg'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'perl-DBD-Pg'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability has been discovered and corrected in perl-DBD-Pg:

Two format string flaws were found in the way perl-DBD-Pg. A
rogue server could provide a specially-crafted database warning
or specially-crafted DBD statement, which once processed by the
perl-DBD-Pg interface would lead to perl-DBD-Pg based process crash
(CVE-2012-1151).

The updated packages have been patched to correct this issue.

Affected Software/OS:
perl-DBD-Pg on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2

Solution:
Please Install the Updated Packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1151
48307
http://secunia.com/advisories/48307
48319
http://secunia.com/advisories/48319
48824
http://secunia.com/advisories/48824
DSA-2431
http://www.debian.org/security/2012/dsa-2431
GLSA-201204-08
http://security.gentoo.org/glsa/glsa-201204-08.xml
MDVSA-2012:112
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
RHSA-2012:1116
http://rhn.redhat.com/errata/RHSA-2012-1116.html
[oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
http://www.openwall.com/lists/oss-security/2012/03/09/6
[oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
http://www.openwall.com/lists/oss-security/2012/03/10/4
dbdpg-dbdstprepare-format-string(73855)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73855
dbdpg-pgwarn-format-string(73854)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73854
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes
https://bugzilla.redhat.com/show_bug.cgi?id=801733
https://rt.cpan.org/Public/Bug/Display.html?id=75642

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.831706
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for perl-DBD-Pg MDVSA-2012:112 (perl-DBD-Pg)
Resumen:	The remote host is missing an update for the 'perl-DBD-Pg'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'perl-DBD-Pg' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been discovered and corrected in perl-DBD-Pg: Two format string flaws were found in the way perl-DBD-Pg. A rogue server could provide a specially-crafted database warning or specially-crafted DBD statement, which once processed by the perl-DBD-Pg interface would lead to perl-DBD-Pg based process crash (CVE-2012-1151). The updated packages have been patched to correct this issue. Affected Software/OS: perl-DBD-Pg on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1151 48307 http://secunia.com/advisories/48307 48319 http://secunia.com/advisories/48319 48824 http://secunia.com/advisories/48824 DSA-2431 http://www.debian.org/security/2012/dsa-2431 GLSA-201204-08 http://security.gentoo.org/glsa/glsa-201204-08.xml MDVSA-2012:112 http://www.mandriva.com/security/advisories?name=MDVSA-2012:112 RHSA-2012:1116 http://rhn.redhat.com/errata/RHSA-2012-1116.html [oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws http://www.openwall.com/lists/oss-security/2012/03/09/6 [oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws http://www.openwall.com/lists/oss-security/2012/03/10/4 dbdpg-dbdstprepare-format-string(73855) https://exchange.xforce.ibmcloud.com/vulnerabilities/73855 dbdpg-pgwarn-format-string(73854) https://exchange.xforce.ibmcloud.com/vulnerabilities/73854 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536 http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes https://bugzilla.redhat.com/show_bug.cgi?id=801733 https://rt.cpan.org/Public/Bug/Display.html?id=75642
Copyright	Copyright (C) 2012 Greenbone AG