Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2018-0049)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2018.0049

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2018-0049)

Resumen: The remote host is missing an update for the 'perl' package(s) announced via the MGASA-2018-0049 advisory.

Descripción: Summary:
The remote host is missing an update for the 'perl' package(s) announced via the MGASA-2018-0049 advisory.

Vulnerability Insight:
Jakub Wilk reported a heap buffer overflow flaw in the regular expression
compiler, allowing a remote attacker to cause a denial of service via a
specially crafted regular expression with the case-insensitive modifier
(CVE-2017-12837).

Jakub Wilk reported a buffer over-read flaw in the regular expression
parser, allowing a remote attacker to cause a denial of service or
information leak (CVE-2017-12883).

Affected Software/OS:
'perl' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.4

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-12837
BugTraq ID: 100860
http://www.securityfocus.com/bid/100860
https://bugzilla.redhat.com/show_bug.cgi?id=1492091
https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5
https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1
https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1
https://rt.perl.org/Public/Bug/Display.html?id=131582
https://security.netapp.com/advisory/ntap-20180426-0001/
Debian Security Information: DSA-3982 (Google Search)
http://www.debian.org/security/2017/dsa-3982
https://www.oracle.com/security-alerts/cpujul2020.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-12883
BugTraq ID: 100852
http://www.securityfocus.com/bid/100852
http://mirror.cucumberlinux.com/cucumber/cucumber-1.0/source/lang-base/perl/patches/CVE-2017-12883.patch
https://bugzilla.redhat.com/show_bug.cgi?id=1492093
https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f#patch1
https://rt.perl.org/Public/Bug/Display.html?id=131598

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0049
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0049)
Resumen:	The remote host is missing an update for the 'perl' package(s) announced via the MGASA-2018-0049 advisory.
Descripción:	Summary: The remote host is missing an update for the 'perl' package(s) announced via the MGASA-2018-0049 advisory. Vulnerability Insight: Jakub Wilk reported a heap buffer overflow flaw in the regular expression compiler, allowing a remote attacker to cause a denial of service via a specially crafted regular expression with the case-insensitive modifier (CVE-2017-12837). Jakub Wilk reported a buffer over-read flaw in the regular expression parser, allowing a remote attacker to cause a denial of service or information leak (CVE-2017-12883). Affected Software/OS: 'perl' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-12837 BugTraq ID: 100860 http://www.securityfocus.com/bid/100860 https://bugzilla.redhat.com/show_bug.cgi?id=1492091 https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5 https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1 https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1 https://rt.perl.org/Public/Bug/Display.html?id=131582 https://security.netapp.com/advisory/ntap-20180426-0001/ Debian Security Information: DSA-3982 (Google Search) http://www.debian.org/security/2017/dsa-3982 https://www.oracle.com/security-alerts/cpujul2020.html Common Vulnerability Exposure (CVE) ID: CVE-2017-12883 BugTraq ID: 100852 http://www.securityfocus.com/bid/100852 http://mirror.cucumberlinux.com/cucumber/cucumber-1.0/source/lang-base/perl/patches/CVE-2017-12883.patch https://bugzilla.redhat.com/show_bug.cgi?id=1492093 https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f#patch1 https://rt.perl.org/Public/Bug/Display.html?id=131598
Copyright	Copyright (C) 2022 Greenbone AG