Test ID:	1.3.6.1.4.1.25623.1.0.60415
Category:	Fedora Local Security Checks
Title:	Fedora Core 8 FEDORA-2008-1783 (pcre)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to pcre announced via advisory FEDORA-2008-1783. Update Information: This update addresses buffer overflow caused by a character class containing a very large number of characters with codepoints greater than 255 (in UTF-8 mode) - CVE-2008-0674, #431660 This issue may affect usages of pcre, when regular expressions from untrusted sources are compiled. Handling of untrusted data using trusted regular expressions is not affected by this problem. ChangeLog: References: [ 1 ] Bug #431660 - pcre: buffer overflow via large UTF-8 character class https://bugzilla.redhat.com/show_bug.cgi?id=431660 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update pcre' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-1783 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0674 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html BugTraq ID: 27786 http://www.securityfocus.com/bid/27786 BugTraq ID: 29009 http://www.securityfocus.com/bid/29009 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080228 rPSA-2008-0086-1 pcre (Google Search) http://www.securityfocus.com/archive/1/488927/100/0/threaded Bugtraq: 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl (Google Search) http://www.securityfocus.com/archive/1/492535/100/0/threaded Cert/CC Advisory: TA09-218A http://www.us-cert.gov/cas/techalerts/TA09-218A.html Debian Security Information: DSA-1499 (Google Search) http://www.debian.org/security/2008/dsa-1499 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html http://security.gentoo.org/glsa/glsa-200803-24.xml http://security.gentoo.org/glsa/glsa-200811-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:053 http://www.openwall.com/lists/oss-security/2008/05/02/2 http://www.securitytracker.com/id?1022674 http://secunia.com/advisories/28923 http://secunia.com/advisories/28957 http://secunia.com/advisories/28960 http://secunia.com/advisories/28985 http://secunia.com/advisories/28996 http://secunia.com/advisories/29027 http://secunia.com/advisories/29048 http://secunia.com/advisories/29175 http://secunia.com/advisories/29267 http://secunia.com/advisories/29282 http://secunia.com/advisories/30048 http://secunia.com/advisories/30345 http://secunia.com/advisories/31326 http://secunia.com/advisories/32222 http://secunia.com/advisories/32746 http://secunia.com/advisories/36096 SuSE Security Announcement: SUSE-SR:2008:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html https://usn.ubuntu.com/581-1/ http://www.vupen.com/english/advisories/2008/0570 http://www.vupen.com/english/advisories/2008/0592 http://www.vupen.com/english/advisories/2008/1412 http://www.vupen.com/english/advisories/2008/2268 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen.com/english/advisories/2009/2172 XForce ISS Database: pcre-characterclass-bo(40505) https://exchange.xforce.ibmcloud.com/vulnerabilities/40505
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.