|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2587-1 (libcgi-pm-perl - HTTP header injection)|
|Summary:||It was discovered that the CGI module for Perl does not filter LF;characters in the Set-Cookie and P3P headers, potentially allowing;attackers to inject HTTP headers.|
It was discovered that the CGI module for Perl does not filter LF
characters in the Set-Cookie and P3P headers, potentially allowing
attackers to inject HTTP headers.
libcgi-pm-perl on Debian Linux
For the stable distribution (squeeze), this problem has been fixed in
For the unstable distribution (sid), this problem has been fixed in
We recommend that you upgrade your libcgi-pm-perl packages.
Common Vulnerability Exposure (CVE) ID: CVE-2012-5526|
BugTraq ID: 56562
Debian Security Information: DSA-2586 (Google Search)
RedHat Security Advisories: RHSA-2013:0685
XForce ISS Database: perl-cgipm-header-injection(80098)
|Copyright||Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.