Test ID:	1.3.6.1.4.1.25623.1.0.68227
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-981-1 (libwww-perl)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libwww-perl announced via advisory USN-981-1. Details follow: It was discovered that libwww-perl incorrectly filtered filenames suggested by Content-Disposition headers. If a user were tricked into downloading a file from a malicious site, a remote attacker could overwrite hidden files in the user's directory. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libwww-perl 5.803-4ubuntu0.1 Ubuntu 8.04 LTS: libwww-perl 5.808-1ubuntu0.1 Ubuntu 9.04: libwww-perl 5.820-1ubuntu0.1 Ubuntu 9.10: libwww-perl 5.831-1ubuntu0.1 Ubuntu 10.04 LTS: libwww-perl 5.834-1ubuntu0.1 In general, a standard system update will make all the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-981-1 Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2253 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050232.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050245.html http://www.ocert.org/advisories/ocert-2010-001.html http://marc.info/?l=oss-security&m=127411372529485&w=2 http://marc.info/?l=oss-security&m=127611288927500&w=2 http://www.ubuntu.com/usn/USN-981-1 http://www.vupen.com/english/advisories/2010/2872
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.