ID de Prueba:	1.3.6.1.4.1.25623.1.0.842672
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for perl USN-2916-1
Resumen:	The remote host is missing an update for the 'perl'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'perl' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-7422) Markus Vervier discovered that Perl incorrectly handled nesting in the Data::Dumper module. An attacker could use this issue to cause Perl to consume memory and crash, resulting in a denial of service. (CVE-2014-4330) Stephane Chazelas discovered that Perl incorrectly handled duplicate environment variables. An attacker could possibly use this issue to bypass the taint protection mechanism. (CVE-2016-2381) Affected Software/OS: perl on Ubuntu 15.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7422 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 75704 http://www.securityfocus.com/bid/75704 https://security.gentoo.org/glsa/201507-11 http://www.ubuntu.com/usn/USN-2916-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4330 BugTraq ID: 70142 http://www.securityfocus.com/bid/70142 Bugtraq: 20140925 LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow (Google Search) http://www.securityfocus.com/archive/1/533543/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139441.html http://seclists.org/fulldisclosure/2014/Sep/84 http://www.mandriva.com/security/advisories?name=MDVSA-2015:136 http://packetstormsecurity.com/files/128422/Perl-5.20.1-Deep-Recursion-Stack-Overflow.html http://seclists.org/oss-sec/2014/q3/692 http://www.nntp.perl.org/group/perl.perl5.porters/2014/09/msg220118.html http://secunia.com/advisories/61441 http://secunia.com/advisories/61961 XForce ISS Database: perl-cve20144330-dos(96216) https://exchange.xforce.ibmcloud.com/vulnerabilities/96216 Common Vulnerability Exposure (CVE) ID: CVE-2016-2381 BugTraq ID: 83802 http://www.securityfocus.com/bid/83802 http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 Debian Security Information: DSA-3501 (Google Search) http://www.debian.org/security/2016/dsa-3501 https://security.gentoo.org/glsa/201701-75 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujul2020.html http://www.gossamer-threads.com/lists/perl/porters/326387 SuSE Security Announcement: openSUSE-SU-2016:0881 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-03/msg00112.html
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.