Test ID:	1.3.6.1.4.1.25623.1.0.122354
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2010-0458)
Summary:	The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2010-0458 advisory.
Description:	Summary: The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2010-0458 advisory. Vulnerability Insight: [4:5.8.8-32.el5.1] - third version of patch fix change of behaviour of rmtree for common user - Resolves: rhbz#597203 [4:5.8.8-32.el5] - rhbz#595416 change documentation of File::Path - Related: rhbz#591167 [4:5.8.8-31.el5] - remove previous fix - Related: rhbz#591167 [4:5.8.8-30.el5] - change config to file on Util.so - Related: rhbz#594406 [4:5.8.8-29.el5] - CVE-2008-5302 - use latest patch without Cwd module - 507378 because of our paths we need to overload old Util.so in case customer installed Scalar::Util from cpan. In this case we marked new Util.so as .rpmnew. - Related: rhbz#591167 - Resolves: rhbz#594406 [4:5.8.8-28.el5] - CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1 - CVE-2010-1168 perl Safe: Intended restriction bypass via object references - CVE-2010-1447 Safe 2.26 and earlier: Intended restriction bypass via Perl object references in code executed outside safe compartment - Related: rhbz#591167 Affected Software/OS: 'perl' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5302 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html Bugtraq: 20090120 rPSA-2009-0011-1 perl (Google Search) http://www.securityfocus.com/archive/1/500210/100/0/threaded Debian Security Information: DSA-1678 (Google Search) http://www.debian.org/security/2008/dsa-1678 http://www.mandriva.com/security/advisories?name=MDVSA-2010:116 http://www.gossamer-threads.com/lists/perl/porters/233695#233695 http://www.openwall.com/lists/oss-security/2008/11/28/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6890 http://www.redhat.com/support/errata/RHSA-2010-0458.html http://secunia.com/advisories/32980 http://secunia.com/advisories/33314 http://secunia.com/advisories/40052 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.ubuntu.com/usn/usn-700-1 http://www.ubuntu.com/usn/usn-700-2 XForce ISS Database: perl-filepath-symlink(47043) https://exchange.xforce.ibmcloud.com/vulnerabilities/47043 Common Vulnerability Exposure (CVE) ID: CVE-2008-5303 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6680 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9699 XForce ISS Database: filepath-rmtree-symlink(47044) https://exchange.xforce.ibmcloud.com/vulnerabilities/47044 Common Vulnerability Exposure (CVE) ID: CVE-2010-1168 1024062 http://securitytracker.com/id?1024062 40049 http://secunia.com/advisories/40049 40052 42402 http://secunia.com/advisories/42402 ADV-2010-3075 http://www.vupen.com/english/advisories/2010/3075 MDVSA-2010:115 http://www.mandriva.com/security/advisories?name=MDVSA-2010:115 MDVSA-2010:116 RHSA-2010:0457 http://www.redhat.com/support/errata/RHSA-2010-0457.html RHSA-2010:0458 [oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request http://www.openwall.com/lists/oss-security/2010/05/20/5 http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in http://cpansearch.perl.org/src/RGARCIA/Safe-2.27/Changes http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 https://bugzilla.redhat.com/show_bug.cgi?id=576508 oval:org.mitre.oval:def:7424 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7424 oval:org.mitre.oval:def:9807 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9807 Common Vulnerability Exposure (CVE) ID: CVE-2010-1447 1023988 http://www.securitytracker.com/id?1023988 39845 http://secunia.com/advisories/39845 40305 http://www.securityfocus.com/bid/40305 64756 http://osvdb.org/64756 ADV-2010-1167 http://www.vupen.com/english/advisories/2010/1167 DSA-2267 http://www.debian.org/security/2011/dsa-2267 http://security-tracker.debian.org/tracker/CVE-2010-1447 http://www.postgresql.org/about/news.1203 https://bugs.launchpad.net/bugs/cve/2010-1447 https://bugzilla.redhat.com/show_bug.cgi?id=588269 oval:org.mitre.oval:def:11530 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530 oval:org.mitre.oval:def:7320 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.