VBScan is a black box vBulletin vulnerability scanner written in perl.
82d1a85ca23e4a607f1875780b16ef08ee794d837cbbe3857ca74bebd9654100
VBScan is a black box vBulletin vulnerability scanner written in perl.
00e39bc657609445485e8b9e1a7f43f7a5fd58e9bb73c6a7bea7b3302685a728
Debian Linux Security Advisory 3684-1 - Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.
3c5d32f4eeefce06446e3e8b30f5304251c1d06e65a6099765bc82ba6c6cce14
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
0f685573a9c507c557c0980bc0721fb2da504d4ffd8e13c07a3c75d772a7d3c4
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
84c99cd153cac6ab84a8bc0e1b393ee0fe5bc1710beb30c473290b262b4831ff
HP Security Bulletin HPSBNS03635 1 - Multiple potential remote and local vulnerabilities impacting Perl and PHP have been addressed by HPE NonStop Servers OSS Script Languages. The vulnerabilities include Perl's opportunistic loading of optional modules which might allow local users to gain elevation of privilege via a Trojan horse library under the current working directory. Revision 1 of this advisory.
d61092f8531c4cfe3e647e6a78dff740f1529c96097e41b94e0050770ca40436
Debian Linux Security Advisory 3635-1 - Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl DBI driver for the MySQL database server. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.
4cc23f574ef6aa3358542080d68a419fe0c1ffc881e7106d9f7c28022dfb4863
Debian Linux Security Advisory 3628-1 - Multiple vulnerabilities were discovered in the implementation of the Perl programming language.
c4d42728c93a6c069a9075ac463c45771991119363de3f80dbbd028a2e5b8945
Red Hat Security Advisory 2016-1132-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library, to implement regular expression support in SQL queries. Security Fix: It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client.
16f38212bccb8010e708385b790d7d201292446b0a15ee643f9c173716e06293
Red Hat Security Advisory 2016-1025-01 - PCRE is a Perl-compatible regular expression library. Security Fix: Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code.
b2b35b4379b6f976409d37d4c2a6be0a872ba2f001636d92ba874517e52302c6
VBScan is a black box vBulletin vulnerability scanner written in perl.
c12e918da14aa71629c893643a7bac1ab6f469fdb72a868b4f2e8689e00a88fb
This Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the "perl_startup" configuration parameter.
9244d1a56ca1a0b4187fc7d9232dd5485fbbf380c0bdb9f35ea79df0019c335a
Perl version 5.22 suffers from two out-of-bounds reads and multiple small buffer over-read vulnerabilities in the VDir::MapPathA and VDir::MapPathW functions that could potentially be exploited to achieve arbitrary code execution.
cd84d70480486213183c751f06e787f023b2261ad301971f1c15757a078757f7
Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This requires a superuser. This is usually postgres. The execution should be platform-agnostic, and has been tested on OS X, Windows, and Linux. This Metasploit module attempts to load Perl or Python to execute system commands. As this dynamically loads a scripting language to execute commands, it is not necessary to drop a file on the filesystem. Only Postgres 8 and up are supported.
35a6a49124ad62dab21bd8ac5c63333438e1b0e3ebfa9c2ae8f568b3ec88f1c1
Exim versions prior to 4.86.2 suffer from a local root privilege escalation vulnerability. When Exim installation has been compiled with Perl support and contains a perl_startup configuration variable it can be exploited by malicious local attackers to gain root privileges.
c8b37f6ba0c1a3bd66f5d17781dd1c98a33edc213484ca6db8095fef81937ebc
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
4210ef09e1a1c4fe7bb855e6b9ca5560ffad95db48f9aba053850b587b19a4b5
Ubuntu Security Notice 2916-1 - It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Markus Vervier discovered that Perl incorrectly handled nesting in the Data::Dumper module. An attacker could use this issue to cause Perl to consume memory and crash, resulting in a denial of service. Various other issues were also addressed.
11e056de6dfb046779b736f70aa61c3166ddef3f52a845f803b60553b0168d67
Debian Linux Security Advisory 3501-1 - Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears twice in envp, only the last value would appear in %ENV, but getenv would return the first. Perl's taint security mechanism would be applied to the value in %ENV, but not to the other rest of the environment. This could result in an ambiguous environment causing environment variables to be propagated to subprocesses, despite the protections supposedly offered by taint checking.
0175db23b2e5d2977586b5d7e9b15cec7d810fb7dd51a574de92d242a41c5aa4
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
ac701465b6fa8598954fa500e80b3ccb80cc7b3e0e82498b2ced43232dbd181c
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
9ef74d762e07f388e5a0eccd9ed6957ad7b632f5a913dfd1f90e138dcb8092d1
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
e08e2af42535cd28422b0683f922dda1c5aa25589d440e7d865f107997dda95e
VBScan is a black box vBulletin vulnerability scanner written in perl.
50b8c3cf5f0259a2730560b37dcd93d7b6a81dd0fe12fb9e513ed77090111d08
Ubuntu Security Notice 2878-1 - David Golden discovered that the canonpath function in the Perl File::Spec module did not properly preserve the taint attribute. An attacker could possibly use this issue to bypass the taint protection mechanism.
3db55d3bf074181b89629f8f752f3b60d2dc5f2b3f784857fbf7ab1ae0c7d086
The Metabrik Platform bind together a classic Shell with a Perl interpreter as a REPL (Read-Eval-Print-Loop) and a ton of small Briks. Briks are reusable components each performing a specific task. You chain Briks together using Perl variables, they are used to pass output of a Brik Command as input for another Brik Command.
c06706bb9fd49bab1f317f9a259e8b26787abb0f6a8fe9a438c094e2035df244
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
a8c1c364c648e086cfd990841c9c8f7d40d5c133e2077e48f9dce9e60a569f4a