Test ID:	1.3.6.1.4.1.25623.1.0.60452
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-581-1 (pcre3)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to pcre3 announced via advisory USN-581-1. A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences. In certain situations, an attacker could exploit applications linked against PCRE by tricking a user or automated system in processing a malicious regular expression leading to a denial of service or possibly arbitrary code execution. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libpcre3 7.4-0ubuntu0.6.06.2 Ubuntu 6.10: libpcre3 7.4-0ubuntu0.6.10.2 Ubuntu 7.04: libpcre3 7.4-0ubuntu0.7.04.2 Ubuntu 7.10: libpcre3 7.4-0ubuntu0.7.10.2 After a standard system upgrade you need to reboot your computer to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-581-1 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0674 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html BugTraq ID: 27786 http://www.securityfocus.com/bid/27786 BugTraq ID: 29009 http://www.securityfocus.com/bid/29009 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080228 rPSA-2008-0086-1 pcre (Google Search) http://www.securityfocus.com/archive/1/488927/100/0/threaded Bugtraq: 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl (Google Search) http://www.securityfocus.com/archive/1/492535/100/0/threaded Cert/CC Advisory: TA09-218A http://www.us-cert.gov/cas/techalerts/TA09-218A.html Debian Security Information: DSA-1499 (Google Search) http://www.debian.org/security/2008/dsa-1499 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html http://security.gentoo.org/glsa/glsa-200803-24.xml http://security.gentoo.org/glsa/glsa-200811-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:053 http://www.openwall.com/lists/oss-security/2008/05/02/2 http://www.securitytracker.com/id?1022674 http://secunia.com/advisories/28923 http://secunia.com/advisories/28957 http://secunia.com/advisories/28960 http://secunia.com/advisories/28985 http://secunia.com/advisories/28996 http://secunia.com/advisories/29027 http://secunia.com/advisories/29048 http://secunia.com/advisories/29175 http://secunia.com/advisories/29267 http://secunia.com/advisories/29282 http://secunia.com/advisories/30048 http://secunia.com/advisories/30345 http://secunia.com/advisories/31326 http://secunia.com/advisories/32222 http://secunia.com/advisories/32746 http://secunia.com/advisories/36096 SuSE Security Announcement: SUSE-SR:2008:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html https://usn.ubuntu.com/581-1/ http://www.vupen.com/english/advisories/2008/0570 http://www.vupen.com/english/advisories/2008/0592 http://www.vupen.com/english/advisories/2008/1412 http://www.vupen.com/english/advisories/2008/2268 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen.com/english/advisories/2009/2172 XForce ISS Database: pcre-characterclass-bo(40505) https://exchange.xforce.ibmcloud.com/vulnerabilities/40505
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.