Ubuntu Local Security Checks : Ubuntu Update for libdbd-mysql-perl USN-3103-1

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.842917

Kategorie: Ubuntu Local Security Checks

Titel: Ubuntu Update for libdbd-mysql-perl USN-3103-1

Zusammenfassung: The remote host is missing an update for the 'libdbd-mysql-perl'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'libdbd-mysql-perl'
package(s) announced via the referenced advisory.

Vulnerability Insight:
It was discovered that DBD::mysql incorrectly
handled certain memory operations. A remote attacker could use this issue to
cause DBD::mysql to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2014-9906)

Hanno Bö ck discovered that DBD::mysql incorrectly handled certain memory
operations. A remote attacker could use this issue to cause DBD::mysql to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2015-8949)

Pali Rohá r discovered that DBD::mysql incorrectly handled certain user
supplied data. A remote attacker could use this issue to cause DBD::mysql
to crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2016-1246)

Affected Software/OS:
libdbd-mysql-perl on Ubuntu 14.04 LTS,
Ubuntu 12.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-9906
BugTraq ID: 92149
http://www.securityfocus.com/bid/92149
Debian Security Information: DSA-3635 (Google Search)
http://www.debian.org/security/2016/dsa-3635
http://www.openwall.com/lists/oss-security/2016/07/27/5
http://www.openwall.com/lists/oss-security/2016/07/27/6
Common Vulnerability Exposure (CVE) ID: CVE-2015-8949
BugTraq ID: 92118
http://www.securityfocus.com/bid/92118
https://security.gentoo.org/glsa/201701-51
https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.html
http://www.openwall.com/lists/oss-security/2016/07/25/13
http://www.openwall.com/lists/oss-security/2016/07/27/1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1246
BugTraq ID: 93337
http://www.securityfocus.com/bid/93337
Debian Security Information: DSA-3684 (Google Search)
http://www.debian.org/security/2016/dsa-3684

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.842917
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for libdbd-mysql-perl USN-3103-1
Zusammenfassung:	The remote host is missing an update for the 'libdbd-mysql-perl'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libdbd-mysql-perl' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-9906) Hanno Bö ck discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8949) Pali Rohá r discovered that DBD::mysql incorrectly handled certain user supplied data. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1246) Affected Software/OS: libdbd-mysql-perl on Ubuntu 14.04 LTS, Ubuntu 12.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9906 BugTraq ID: 92149 http://www.securityfocus.com/bid/92149 Debian Security Information: DSA-3635 (Google Search) http://www.debian.org/security/2016/dsa-3635 http://www.openwall.com/lists/oss-security/2016/07/27/5 http://www.openwall.com/lists/oss-security/2016/07/27/6 Common Vulnerability Exposure (CVE) ID: CVE-2015-8949 BugTraq ID: 92118 http://www.securityfocus.com/bid/92118 https://security.gentoo.org/glsa/201701-51 https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.html http://www.openwall.com/lists/oss-security/2016/07/25/13 http://www.openwall.com/lists/oss-security/2016/07/27/1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1246 BugTraq ID: 93337 http://www.securityfocus.com/bid/93337 Debian Security Information: DSA-3684 (Google Search) http://www.debian.org/security/2016/dsa-3684
Copyright	Copyright (C) 2016 Greenbone Networks GmbH