Test ID:	1.3.6.1.4.1.25623.1.0.123654
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2013-0685)
Summary:	The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2013-0685 advisory.
Description:	Summary: The remote host is missing an update for the 'perl' package(s) announced via the ELSA-2013-0685 advisory. Vulnerability Insight: [4:5.10.1-130] - Resolves: #915692 - CVE-2012-5526 (newline injection due to improper CRLF escaping in Set-Cookie and P3P headers) - Resolves: #915692 - CVE-2012-6329 (possible arbitrary code execution via Locale::Maketext) - Resolves: #915692 - CVE-2013-1667 (DoS in rehashing code) Affected Software/OS: 'perl' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5195 BugTraq ID: 56287 http://www.securityfocus.com/bid/56287 Debian Security Information: DSA-2586 (Google Search) http://www.debian.org/security/2012/dsa-2586 http://www.mandriva.com/security/advisories?name=MDVSA-2013:113 http://www.openwall.com/lists/oss-security/2012/10/26/2 http://www.openwall.com/lists/oss-security/2012/10/27/1 http://www.nntp.perl.org/group/perl.perl5.porters/2012/10/msg193886.html RedHat Security Advisories: RHSA-2013:0685 http://rhn.redhat.com/errata/RHSA-2013-0685.html http://secunia.com/advisories/51457 http://secunia.com/advisories/55314 http://www.ubuntu.com/usn/USN-1643-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-5526 1027780 http://www.securitytracker.com/id?1027780 51457 55314 56562 http://www.securityfocus.com/bid/56562 DSA-2586 RHSA-2013:0685 USN-1643-1 [oss-security] 20121115 Re: CVE Request -- perl-CGI: Newline injection due to improper CRLF escaping in Set-Cookie and P3P headers http://www.openwall.com/lists/oss-security/2012/11/15/6 http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changes http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html https://github.com/markstos/CGI.pm/pull/23 perl-cgipm-header-injection(80098) https://exchange.xforce.ibmcloud.com/vulnerabilities/80098 Common Vulnerability Exposure (CVE) ID: CVE-2012-6329 BugTraq ID: 56950 http://www.securityfocus.com/bid/56950 https://bugzilla.redhat.com/show_bug.cgi?id=884354 http://sourceforge.net/mailarchive/message.php?msg_id=30219695 http://openwall.com/lists/oss-security/2012/12/11/4 http://code.activestate.com/lists/perl5-porters/187763/ http://code.activestate.com/lists/perl5-porters/187746/ http://www.ubuntu.com/usn/USN-2099-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-1667 http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html BugTraq ID: 58311 http://www.securityfocus.com/bid/58311 Debian Security Information: DSA-2641 (Google Search) http://www.debian.org/security/2013/dsa-2641 HPdes Security Advisory: HPSBUX02928 http://marc.info/?l=bugtraq&m=137891988921058&w=2 HPdes Security Advisory: SSRT101274 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702296 https://bugzilla.redhat.com/show_bug.cgi?id=912276 http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html http://osvdb.org/90892 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18771 http://secunia.com/advisories/52472 http://secunia.com/advisories/52499 http://www.ubuntu.com/usn/USN-1770-1 XForce ISS Database: perl-rehash-dos(82598) https://exchange.xforce.ibmcloud.com/vulnerabilities/82598
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.