CVE-2015-3406

Related Files

Debian Security Advisory 3261-1

Posted May 15, 2015

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3261-1 - Multiple vulnerabilities were discovered in libmodule-signature-perl, a Perl module to manipulate CPAN SIGNATURE files.

tags | advisory, perl, vulnerability

systems | linux, debian

advisories | CVE-2015-3406, CVE-2015-3407, CVE-2015-3408, CVE-2015-3409

SHA-256 | eead0929d7129f41a4c2167795dd6001b8ef81899e44f2f0daae91e38e8f7984

Download | Favorite | View

Ubuntu Security Notice USN-2607-1

Posted May 12, 2015

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2607-1 - John Lightsey discovered that Module::Signature incorrectly handled PGP signature boundaries. A remote attacker could use this issue to trick Module::Signature into parsing the unsigned portion of the SIGNATURE file as the signed portion. John Lightsey discovered that Module::Signature incorrectly handled files that were not listed in the SIGNATURE file. A remote attacker could use this flaw to execute arbitrary code when tests were run. Various other issues were also addressed.

tags | advisory, remote, arbitrary

systems | linux, ubuntu

advisories | CVE-2015-3406, CVE-2015-3407, CVE-2015-3408, CVE-2015-3409

SHA-256 | 01435cad3cc3f3796eb76778a10df74d3b0435bd530e0a635c5562e915c71934

Download | Favorite | View