Ubuntu Security Notice 3625-2 - USN-3625-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. Various other issues were also addressed.
d4a5fd0410568b65575aca4ff4090d65Ubuntu Security Notice 3625-1 - It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that Perl incorrectly loaded libraries from the current working directory. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
73d95215fd2d3d7d29dd0162fd926131This is a simple perl script to perform dictionary attacks against the KeePass password manager.
e2e787dabb8d179b58974a368b36d65fVideoFlow Digital Video Protection DVP 10 version 2.10 suffers from an authenticated arbitrary file disclosure vulnerability including no session expiration. Input passed via the 'ID' parameter in several Perl scripts is not properly verified before being used to download system files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks.
6259e5b72171a19735bbd988982e2638OWASP JoomScan is an opensource project for detecting Joomla CMS vulnerabilities. Written in Perl.
7e5b960ec4f8e2fef8be1674212bf52eRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
54762d04ec7faa0736cc151271b02c06Ubuntu Security Notice 3478-2 - USN-3478-1 fixed two vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
6fc7e5e039d31a5a2672a0fdaf7f7380Ubuntu Security Notice 3478-1 - Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code.
972077314df82317d1a943797ea753eaThe git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations and it allows for OS command injection. Versions before before 2.14.2, 2.13.6, 2.12.5, 2.11.4 and 2.10.5 are affected.
d20dd2daa3a886f605dc703ed7b1a0f7Debian Linux Security Advisory 3984-1 - joernchen discovered that the git-cvsserver subcommand of Git, a distributed version control system, suffers from a shell command injection vulnerability due to unsafe use of the Perl backtick operator. The git-cvsserver subcommand is reachable from the git-shell subcommand even if CVS support has not been configured (however, the git-cvs package needs to be installed).
98463fb673a8ecb102e3ba8022adf3afGentoo Linux Security Advisory 201709-12 - A vulnerability in module File::Path for Perl allows local attackers to set arbitrary mode values on arbitrary files bypassing security restrictions. Versions less than 5.24.1-r2 are affected.
5620847c3a8f249a70ab67b6ec52b2b1360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
2cba5e7f228859fd636962a64d3f49d0check_siem is a security incidents and events monitor written in Perl. It reports on unusual user, process, net, and file activities by leveraging fuzzy LSOF statistics. Think of it as a fun-sized HIDS.
1aea048508da5cbbeaf7f61b00c2598fRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
c625bcb5e226d1f2a7a3a530b7e4fbd9Debian Linux Security Advisory 3873-1 - The cPanel Security Team reported a time of check to time of use (TOCTTOU) race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to a attacker-chosen value.
599f343c6f8c0a3ef16c7eb1a857ccb8Uberscan is an IP scanner and brute forcing tool all in one. Written in perl.
c2206c84617814483c4882184580d507360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
b89c2831979ada2d1e3b0440139a40b5360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
ccc8ee4c1cae5c44a1d4530da9387ca9Gentoo Linux Security Advisory 201701-75 - Multiple vulnerabilities have been found in Perl, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 5.22.3_rc4 are affected.
aadc81a6433dc3251362cd7f85b56bd8VBScan is a black box vBulletin vulnerability scanner written in perl.
cd8948f91ed8d7abf1aabfd6df5c7551VBScan is a black box vBulletin vulnerability scanner written in perl.
ab8f36c6254b92a9bcade76be6484200Debian Linux Security Advisory 3684-1 - Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.
948dde10da1adfd60275906fdbc47fab360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
1873a9b926565710ead0a8b996652ead360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
8ba032177a73e72a1b286b83ac1fd08eHP Security Bulletin HPSBNS03635 1 - Multiple potential remote and local vulnerabilities impacting Perl and PHP have been addressed by HPE NonStop Servers OSS Script Languages. The vulnerabilities include Perl's opportunistic loading of optional modules which might allow local users to gain elevation of privilege via a Trojan horse library under the current working directory. Revision 1 of this advisory.
208143266211c16a2e73608c2b984f2c
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed