Gentoo Linux Security Advisory 201909-1 - Multiple vulnerabilities have been found in Perl, the worst of which could result in the arbitrary execution of code. Versions less than 5.28.2 are affected.
8e0bb972c12f551aeb803dc511351152This Metasploit module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attacker(s) inserted Perl qx statements into the build server's source code on two separate occasions: once in April 2018, introducing the backdoor in the 1.890 release, and in July 2018, reintroducing the backdoor in releases 1.900 through 1.920. Only version 1.890 is exploitable in the default install. Later affected versions require the expired password changing feature to be enabled.
a2360d86ccb3b9b45e1315630a785649Red Hat Security Advisory 2019-2400-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
9f33236b3becfb00bd232a98d052a994Red Hat Security Advisory 2019-2097-01 - The Archive::Tar module provides a mechanism for Perl scripts to manipulate tar archive files. Issues addressed include a traversal vulnerability.
0bdc642b7fdc1454e881cb9d1b1a1110Red Hat Security Advisory 2019-1942-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
81e387a315d7dbeb23073fb0b8aeadf8Red Hat Security Advisory 2019-1790-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
a298004fd012ab317d6dcdc6bd10d9eaRed Hat Security Advisory 2019-0109-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
ff8eb4ffb67c3ff1cd697a620421315fRed Hat Security Advisory 2019-0010-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
faadd3788ca90ff4abd0d9508d573eaaRed Hat Security Advisory 2019-0001-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
2dd37f88ab4551f6576438881aa0db3dUbuntu Security Notice 3834-2 - USN-3834-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
4b1cb856c5b70ee9027861be4c5bfe83Ubuntu Security Notice 3834-1 - Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. Various other issues were also addressed.
d49d4e952670e88373b599e721903471Debian Linux Security Advisory 4347-1 - Multiple vulnerabilities were discovered in the implementation of the Perl programming language.
55b5f8a7009fa232b7fe40ce3b498a47Ubuntu Security Notice 3825-2 - USN-3825-1 fixed a vulnerability in mod_perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jan Ingvoldstad discovered that mod_perl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could possibly use this issue to execute arbitrary Perl code. Various other issues were also addressed.
a6a5736b83ce90265a6ec06acf1c20e8Ubuntu Security Notice 3825-1 - Jan Ingvoldstad discovered that mod_perl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could possibly use this issue to execute arbitrary Perl code.
9d677f50c922e8159d80dbba054a65adSIPPTS is a set of tools to audit VoIP servers and devices using the SIP protocol. It is a set of perl scripts that allow you to identify extensions, remotely crack passwords, check for missing authentication to make phone calls, and more.
04a6889548bba8328cf1f425eb681298Red Hat Security Advisory 2018-2826-01 - Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Issues addressed include a code execution vulnerability.
68d78740d4e091cea9d2b974a51f106cRed Hat Security Advisory 2018-2825-01 - Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Issues addressed include a code execution vulnerability.
7cd8146c3ec61901eb3a054b2a7a3399Red Hat Security Advisory 2018-2737-01 - Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Issues addressed include a code execution vulnerability.
8525fc2be71cfb181c180d4b410e18d9Debian Linux Security Advisory 4300-1 - It was discovered that Archive::Zip, a perl module for manipulation of ZIP archives, is prone to a directory traversal vulnerability. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite arbitrary files during archive extraction.
8b0408d1b44e4ae145b4f8d4a02c9ad8VBScan is a black box vBulletin vulnerability scanner written in perl.
130a1a1372cc4614c4dea54ac6d2493bLinux Awk to Perl (/usr/bin/a2p) suffers from a buffer overflow vulnerability.
5f941b7a5f120e4ea63ce6593fdf699aMalbait is a honeypot written in perl. It creates fake servers and supports both TCP and UDP protocols, either singly or in combination. It outputs in CSV format as well as giving more detailed text reports. You can serve fake Telnet, FTP, SMTP, POP3, HTTP, TR-69, IMAP, asciitime, systat and echo servers, as well as serving blank or random output.
f51667a675e30504d2bfc0f0895042e9Ubuntu Security Notice 3684-1 - It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files.
682ba37fc142ec50b37e732a6884afaeUbuntu Security Notice 3684-2 - USN-3684-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files.
00c9c5a21a48d1c5060750b8a91b2e86Red Hat Security Advisory 2018-1192-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include multiple overflows.
b4bdd83179dcb9224f541f5c0cf45e83
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed