FrSIRT - Fedora Security Update Fixes Perl Expression Engine Buffer Overflow / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes Perl Expression Engine Buffer Overflow

Date de Publication : 2007-12-04 © FrSIRT.COM
Titre : Fedora Security Update Fixes Perl Expression Engine Buffer Overflow
Identifiant : FrSIRT/AVIS-2007-4079
CVE ID : CVE-2007-5116
Risque : Modéré (2/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Une vulnérabilité a été identifiée dans Fedora, elle pourrait être exploitée par des attaquants afin de causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

e10d40ba71d4dcacdca56bcd9ca55e54c41bc9e0 SRPMS/perl-5.8.8-12.src.rpm
e10d40ba71d4dcacdca56bcd9ca55e54c41bc9e0 noarch/perl-5.8.8-12.src.rpm
7fbc0cf444ac148c12683e614f53b798ab65d367 ppc/debug/perl-debuginfo-5.8.8-12.ppc.rpm
153d19afcd11b5cf2e4d3f67d479a7fce6546d0d ppc/perl-5.8.8-12.ppc.rpm
45b597fcce59d539ac935f29ffe876f21c81d002 ppc/perl-suidperl-5.8.8-12.ppc.rpm
a8529bf51cc62f54fc8f65644b38d3979af1f89a x86_64/perl-5.8.8-12.x86_64.rpm
a14840946f074a2835d5e452d6fd2f8b5acab8b3 x86_64/debug/perl-debuginfo-5.8.8-12.x86_64.rpm
e25954d9fc86e9df31f25632f1b90a7192610dd5 x86_64/perl-suidperl-5.8.8-12.x86_64.rpm
8ae187f01dd5596551c660334131a0e88607d7f3 i386/perl-suidperl-5.8.8-12.i386.rpm
2b8f5896286c45ff379a2f72cf3f748d5479df5e i386/perl-5.8.8-12.i386.rpm
7ad788e2a3710ad5fc2319c17556229b6da37a8e i386/debug/perl-debuginfo-5.8.8-12.i386.rpm

Historique

2007-12-04 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	IBM WebSphere Application Server Security Exposure Vulnerabilities
	IBM AIX DNS Transaction ID Remote Cache Poisoning Vulnerability
	IBM Tivoli Directory Server Entry Handling Double-Free Vulnerability
	IBM AFP Viewer Plug-In "SRC" Property Buffer Overflow Vulnerability
	IBM Hardware Management Console Cross Site Scripting Vulnerabilities
	IBM OS/400 BrSmRcvAndCheck Local Buffer Overflow Vulnerability
	IBM DB2 Multiple Buffer Overflow Vulnerabilities

	Oracle Products Multiple Code Execution Vulnerabilities
	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

	Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities
	Apple Xcode Code Execution and Information Disclosure Vulnerabilities
	Apple TV Data Processing Remote Code Execution Vulnerabilities
	Apple Mac OS X Command Execution Vulnerabilities
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability
	Apple Safari Code Execution and Information Disclosure Vulnerabilities