VBScan is a black box vBulletin vulnerability scanner written in perl.
82d1a85ca23e4a607f1875780b16ef08ee794d837cbbe3857ca74bebd9654100VBScan is a black box vBulletin vulnerability scanner written in perl.
00e39bc657609445485e8b9e1a7f43f7a5fd58e9bb73c6a7bea7b3302685a728Debian Linux Security Advisory 3684-1 - Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.
3c5d32f4eeefce06446e3e8b30f5304251c1d06e65a6099765bc82ba6c6cce14360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
0f685573a9c507c557c0980bc0721fb2da504d4ffd8e13c07a3c75d772a7d3c4360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
84c99cd153cac6ab84a8bc0e1b393ee0fe5bc1710beb30c473290b262b4831ffHP Security Bulletin HPSBNS03635 1 - Multiple potential remote and local vulnerabilities impacting Perl and PHP have been addressed by HPE NonStop Servers OSS Script Languages. The vulnerabilities include Perl's opportunistic loading of optional modules which might allow local users to gain elevation of privilege via a Trojan horse library under the current working directory. Revision 1 of this advisory.
d61092f8531c4cfe3e647e6a78dff740f1529c96097e41b94e0050770ca40436Debian Linux Security Advisory 3635-1 - Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl DBI driver for the MySQL database server. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.
4cc23f574ef6aa3358542080d68a419fe0c1ffc881e7106d9f7c28022dfb4863Debian Linux Security Advisory 3628-1 - Multiple vulnerabilities were discovered in the implementation of the Perl programming language.
c4d42728c93a6c069a9075ac463c45771991119363de3f80dbbd028a2e5b8945Red Hat Security Advisory 2016-1132-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library, to implement regular expression support in SQL queries. Security Fix: It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client.
16f38212bccb8010e708385b790d7d201292446b0a15ee643f9c173716e06293Red Hat Security Advisory 2016-1025-01 - PCRE is a Perl-compatible regular expression library. Security Fix: Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code.
b2b35b4379b6f976409d37d4c2a6be0a872ba2f001636d92ba874517e52302c6VBScan is a black box vBulletin vulnerability scanner written in perl.
c12e918da14aa71629c893643a7bac1ab6f469fdb72a868b4f2e8689e00a88fbThis Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the "perl_startup" configuration parameter.
9244d1a56ca1a0b4187fc7d9232dd5485fbbf380c0bdb9f35ea79df0019c335aPerl version 5.22 suffers from two out-of-bounds reads and multiple small buffer over-read vulnerabilities in the VDir::MapPathA and VDir::MapPathW functions that could potentially be exploited to achieve arbitrary code execution.
cd84d70480486213183c751f06e787f023b2261ad301971f1c15757a078757f7Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This requires a superuser. This is usually postgres. The execution should be platform-agnostic, and has been tested on OS X, Windows, and Linux. This Metasploit module attempts to load Perl or Python to execute system commands. As this dynamically loads a scripting language to execute commands, it is not necessary to drop a file on the filesystem. Only Postgres 8 and up are supported.
35a6a49124ad62dab21bd8ac5c63333438e1b0e3ebfa9c2ae8f568b3ec88f1c1Exim versions prior to 4.86.2 suffer from a local root privilege escalation vulnerability. When Exim installation has been compiled with Perl support and contains a perl_startup configuration variable it can be exploited by malicious local attackers to gain root privileges.
c8b37f6ba0c1a3bd66f5d17781dd1c98a33edc213484ca6db8095fef81937ebc360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
4210ef09e1a1c4fe7bb855e6b9ca5560ffad95db48f9aba053850b587b19a4b5Ubuntu Security Notice 2916-1 - It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Markus Vervier discovered that Perl incorrectly handled nesting in the Data::Dumper module. An attacker could use this issue to cause Perl to consume memory and crash, resulting in a denial of service. Various other issues were also addressed.
11e056de6dfb046779b736f70aa61c3166ddef3f52a845f803b60553b0168d67Debian Linux Security Advisory 3501-1 - Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears twice in envp, only the last value would appear in %ENV, but getenv would return the first. Perl's taint security mechanism would be applied to the value in %ENV, but not to the other rest of the environment. This could result in an ambiguous environment causing environment variables to be propagated to subprocesses, despite the protections supposedly offered by taint checking.
0175db23b2e5d2977586b5d7e9b15cec7d810fb7dd51a574de92d242a41c5aa4360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
ac701465b6fa8598954fa500e80b3ccb80cc7b3e0e82498b2ced43232dbd181c360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
9ef74d762e07f388e5a0eccd9ed6957ad7b632f5a913dfd1f90e138dcb8092d1360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
e08e2af42535cd28422b0683f922dda1c5aa25589d440e7d865f107997dda95eVBScan is a black box vBulletin vulnerability scanner written in perl.
50b8c3cf5f0259a2730560b37dcd93d7b6a81dd0fe12fb9e513ed77090111d08Ubuntu Security Notice 2878-1 - David Golden discovered that the canonpath function in the Perl File::Spec module did not properly preserve the taint attribute. An attacker could possibly use this issue to bypass the taint protection mechanism.
3db55d3bf074181b89629f8f752f3b60d2dc5f2b3f784857fbf7ab1ae0c7d086The Metabrik Platform bind together a classic Shell with a Perl interpreter as a REPL (Read-Eval-Print-Loop) and a ton of small Briks. Briks are reusable components each performing a specific task. You chain Briks together using Perl variables, they are used to pass output of a Brik Command as input for another Brik Command.
c06706bb9fd49bab1f317f9a259e8b26787abb0f6a8fe9a438c094e2035df244360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
a8c1c364c648e086cfd990841c9c8f7d40d5c133e2077e48f9dce9e60a569f4a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed