English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75803 CVE descriptions
and 40037 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60452
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-581-1 (pcre3)
Summary:Ubuntu USN-581-1 (pcre3)
Description:
The remote host is missing an update to pcre3
announced via advisory USN-581-1.

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

It was discovered that PCRE did not correctly handle very long strings
containing UTF8 sequences. In certain situations, an attacker could
exploit applications linked against PCRE by tricking a user or automated
system in processing a malicious regular expression leading to a denial
of service or possibly arbitrary code execution.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libpcre3 7.4-0ubuntu0.6.06.2

Ubuntu 6.10:
libpcre3 7.4-0ubuntu0.6.10.2

Ubuntu 7.04:
libpcre3 7.4-0ubuntu0.7.04.2

Ubuntu 7.10:
libpcre3 7.4-0ubuntu0.7.10.2

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-581-1

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-0674
Bugtraq: 20080228 rPSA-2008-0086-1 pcre (Google Search)
http://www.securityfocus.com/archive/1/archive/1/488927/100/0/threaded
Bugtraq: 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl (Google Search)
http://www.securityfocus.com/archive/1/archive/1/492535/100/0/threaded
http://www.openwall.com/lists/oss-security/2008/05/02/2
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
Debian Security Information: DSA-1499 (Google Search)
http://www.debian.org/security/2008/dsa-1499
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html
http://security.gentoo.org/glsa/glsa-200803-24.xml
http://security.gentoo.org/glsa/glsa-200811-05.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:053
SuSE Security Announcement: SUSE-SR:2008:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://www.ubuntulinux.org/support/documentation/usn/usn-581-1
Cert/CC Advisory: TA09-218A
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
BugTraq ID: 27786
http://www.securityfocus.com/bid/27786
BugTraq ID: 29009
http://www.securityfocus.com/bid/29009
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
http://www.securitytracker.com/id?1022674
http://secunia.com/advisories/36096
http://secunia.com/advisories/32746
http://www.vupen.com/english/advisories/2008/0570
http://www.vupen.com/english/advisories/2008/0592
http://www.vupen.com/english/advisories/2008/1412
http://www.vupen.com/english/advisories/2008/2268
http://www.vupen.com/english/advisories/2008/2780
http://secunia.com/advisories/28923
http://secunia.com/advisories/28960
http://secunia.com/advisories/28985
http://secunia.com/advisories/28996
http://secunia.com/advisories/28957
http://secunia.com/advisories/29027
http://secunia.com/advisories/29048
http://secunia.com/advisories/29175
http://secunia.com/advisories/29267
http://secunia.com/advisories/29282
http://secunia.com/advisories/30048
http://secunia.com/advisories/30345
http://secunia.com/advisories/31326
http://secunia.com/advisories/32222
http://www.vupen.com/english/advisories/2009/2172
XForce ISS Database: pcre-characterclass-bo(40505)
http://xforce.iss.net/xforce/xfdb/40505
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.