Vulnerabilities > CVE-2007-5116 - Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2007-009.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2007-009 applied. This update contains several security fixes for a large number of programs.
    last seen2020-06-01
    modified2020-06-02
    plugin id29723
    published2007-12-18
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29723
    titleMac OS X Multiple Vulnerabilities (Security Update 2007-009)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29723);
      script_version("1.27");
      script_cvs_date("Date: 2018/07/14  1:59:35");
    
      script_cve_id("CVE-2006-0024", "CVE-2007-1218", "CVE-2007-1659", "CVE-2007-1660", "CVE-2007-1661",
                    "CVE-2007-1662", "CVE-2007-3798", "CVE-2007-3876", "CVE-2007-4131", "CVE-2007-4351",
                    "CVE-2007-4572", "CVE-2007-4708", "CVE-2007-4709", "CVE-2007-4710", "CVE-2007-4766",
                    "CVE-2007-4767", "CVE-2007-4768", "CVE-2007-4965", "CVE-2007-5116", "CVE-2007-5379",
                    "CVE-2007-5380", "CVE-2007-5398", "CVE-2007-5476", "CVE-2007-5770", "CVE-2007-5847",
                    "CVE-2007-5848", "CVE-2007-5849", "CVE-2007-5850", "CVE-2007-5851", "CVE-2007-5853",
                    "CVE-2007-5854", "CVE-2007-5855", "CVE-2007-5856", "CVE-2007-5857", "CVE-2007-5858",
                    "CVE-2007-5859", "CVE-2007-5860", "CVE-2007-5861", "CVE-2007-5863", "CVE-2007-6077",
                    "CVE-2007-6165");
      script_bugtraq_id(17106, 22772, 24965, 25417, 25696, 26096, 26268, 26274, 26346,
                        26350, 26421, 26454, 26455, 26510, 26598, 26908, 26910, 26926);
    
      script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2007-009)");
      script_summary(english:"Check for the presence of Security Update 2007-009");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a Mac OS X update that fixes various
    security issues.");
      script_set_attribute(attribute:"description", value:
    "The remote host is running a version of Mac OS X 10.5 or 10.4 that does
    not have Security Update 2007-009 applied. 
    
    This update contains several security fixes for a large number of
    programs.");
      script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=307179");
      script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html");
      script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/advisories/13649");
      script_set_attribute(attribute:"solution", value:"Install Security Update 2007-009.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mail.app Image Attachment Command Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_cwe_id(16, 20, 22, 79, 119, 134, 189, 200, 264, 287, 310, 362, 399);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/18");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/MacOSX/packages", "Host/uname");
      exit(0);
    }
    
    
    uname = get_kb_item("Host/uname");
    if ( ! uname ) exit(0);
    if ( egrep(pattern:"Darwin.* (8\.[0-9]\.|8\.1[01]\.)", string:uname) )
    {
      packages = get_kb_item("Host/MacOSX/packages");
      if ( ! packages ) exit(0);
      if (!egrep(pattern:"^SecUpd(Srvr)?(2007-009|200[89]-|20[1-9][0-9]-)", string:packages))
        security_hole(0);
    }
    else if ( egrep(pattern:"Darwin.* (9\.[01]\.)", string:uname) )
    {
     packages = get_kb_item("Host/MacOSX/packages/boms");
     if ( ! packages ) exit(0);
     if ( !egrep(pattern:"^com\.apple\.pkg\.update\.security\.2007\.009\.bom", string:packages) )
    	security_hole(0);
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20071105_PERL_ON_SL5_X.NASL
    descriptionA flaw was found in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id60283
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60283
    titleScientific Linux Security Update : perl on SL5.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(60283);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/25 13:36:17");
    
      script_cve_id("CVE-2007-5116");
    
      script_name(english:"Scientific Linux Security Update : perl on SL5.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A flaw was found in Perl's regular expression engine. Specially
    crafted input to a regular expression can cause Perl to improperly
    allocate memory, possibly resulting in arbitrary code running with the
    permissions of the user running Perl. (CVE-2007-5116)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0711&L=scientific-linux-errata&T=0&P=1296
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9f5cc268"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected perl and / or perl-suidperl packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/11/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL5", reference:"perl-5.8.8-10.el5.2")) flag++;
    if (rpm_check(release:"SL5", reference:"perl-suidperl-5.8.8-10.el5.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-3255.NASL
    descriptionResolves CVE-2007-5116: perl regular expression UTF parsing errors Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id28191
    published2007-11-14
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/28191
    titleFedora 7 : perl-5.8.8-26.fc7 (2007-3255)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2007-3255.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(28191);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:25");
    
      script_cve_id("CVE-2007-5116");
      script_bugtraq_id(26350);
      script_xref(name:"FEDORA", value:"2007-3255");
    
      script_name(english:"Fedora 7 : perl-5.8.8-26.fc7 (2007-3255)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Resolves CVE-2007-5116: perl regular expression UTF parsing errors
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=378131"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-November/004757.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?dee4abf0"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-CPAN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-ExtUtils-Embed");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-ExtUtils-MakeMaker");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-Test-Harness");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-Test-Simple");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-suidperl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/11/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC7", reference:"perl-5.8.8-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-CPAN-1.76_02-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-ExtUtils-Embed-1.26-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-ExtUtils-MakeMaker-6.30-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-Test-Harness-2.56-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-Test-Simple-0.62-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-debuginfo-5.8.8-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-devel-5.8.8-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-libs-5.8.8-26.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"perl-suidperl-5.8.8-26.fc7")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl / perl-CPAN / perl-ExtUtils-Embed / perl-ExtUtils-MakeMaker / etc");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200711-28.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200711-28 (Perl: Buffer overflow) Tavis Ormandy and Will Drewry (Google Security Team) discovered a heap-based buffer overflow in the Regular Expression engine (regcomp.c) that occurs when switching from byte to Unicode (UTF-8) characters in a regular expression. Impact : A remote attacker could either entice a user to compile a specially crafted regular expression or actively compile it in case the script accepts remote input of regular expressions, possibly leading to the execution of arbitrary code with the privileges of the user running Perl. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id28267
    published2007-11-20
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/28267
    titleGLSA-200711-28 : Perl: Buffer overflow
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200711-28.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(28267);
      script_version("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:44");
    
      script_cve_id("CVE-2007-5116");
      script_xref(name:"GLSA", value:"200711-28");
    
      script_name(english:"GLSA-200711-28 : Perl: Buffer overflow");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200711-28
    (Perl: Buffer overflow)
    
        Tavis Ormandy and Will Drewry (Google Security Team) discovered a
        heap-based buffer overflow in the Regular Expression engine (regcomp.c)
        that occurs when switching from byte to Unicode (UTF-8) characters in a
        regular expression.
      
    Impact :
    
        A remote attacker could either entice a user to compile a specially
        crafted regular expression or actively compile it in case the script
        accepts remote input of regular expressions, possibly leading to the
        execution of arbitrary code with the privileges of the user running
        Perl.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200711-28"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Perl users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.8.8-r4'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/11/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/20");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-lang/perl", unaffected:make_list("ge 5.8.8-r4"), vulnerable:make_list("lt 5.8.8-r4"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Perl");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2007-207.NASL
    descriptionTavis Ormandy and Will Drewry discovered a flaw in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id27642
    published2007-11-06
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27642
    titleMandrake Linux Security Advisory : perl (MDKSA-2007:207)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2007:207. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27642);
      script_version ("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:49");
    
      script_cve_id("CVE-2007-5116");
      script_xref(name:"MDKSA", value:"2007:207");
    
      script_name(english:"Mandrake Linux Security Advisory : perl (MDKSA-2007:207)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Tavis Ormandy and Will Drewry discovered a flaw in Perl's regular
    expression engine. Specially crafted input to a regular expression can
    cause Perl to improperly allocate memory, resulting in the possible
    execution of arbitrary code with the permissions of the user running
    Perl.
    
    Updated packages have been patched to prevent these issues."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-suid");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/11/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/06");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2007.0", reference:"perl-5.8.8-7.1mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"perl-base-5.8.8-7.1mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"perl-devel-5.8.8-7.1mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"perl-doc-5.8.8-7.1mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"perl-suid-5.8.8-7.1mdv2007.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2007.1", reference:"perl-5.8.8-10.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"perl-base-5.8.8-10.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"perl-devel-5.8.8-10.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"perl-doc-5.8.8-10.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"perl-suid-5.8.8-10.1mdv2007.1", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2008.0", reference:"perl-5.8.8-12.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"perl-base-5.8.8-12.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"perl-devel-5.8.8-12.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"perl-doc-5.8.8-12.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"perl-suid-5.8.8-12.1mdv2008.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-748.NASL
    descriptionThis update resolves CVE-2007-5116, fixing a security issue with perl
    last seen2020-06-01
    modified2020-06-02
    plugin id29196
    published2007-12-04
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29196
    titleFedora Core 6 : perl-5.8.8-12 (2007-748)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2007-748.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29196);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:26");
    
      script_xref(name:"FEDORA", value:"2007-748");
    
      script_name(english:"Fedora Core 6 : perl-5.8.8-12 (2007-748)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update resolves CVE-2007-5116, fixing a security issue with
    perl's regex parser.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-December/005582.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?01751147"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected perl, perl-debuginfo and / or perl-suidperl
    packages."
      );
      script_set_attribute(attribute:"risk_factor", value:"High");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-suidperl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:6");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 6.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC6", reference:"perl-5.8.8-12")) flag++;
    if (rpm_check(release:"FC6", reference:"perl-debuginfo-5.8.8-12")) flag++;
    if (rpm_check(release:"FC6", reference:"perl-suidperl-5.8.8-12")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl / perl-debuginfo / perl-suidperl");
    }
    
  • NASL familyAIX Local Security Checks
    NASL idAIX_U814193.NASL
    descriptionThe remote host is missing AIX PTF U814193, which is related to the security of the package perl.rte. A buffer overflow vulnerability exists in the
    last seen2020-06-01
    modified2020-06-02
    plugin id30933
    published2008-02-12
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/30933
    titleAIX 5.3 TL 6 : perl.rte (U814193)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were extracted
    # from AIX Security PTF U814193. The text itself is copyright (C)
    # International Business Machines Corp.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(30933);
      script_version ("1.6");
      script_cvs_date("Date: 2019/09/16 14:12:49");
    
      script_cve_id("CVE-2007-5116");
    
      script_name(english:"AIX 5.3 TL 6 : perl.rte (U814193)");
      script_summary(english:"Check for PTF U814193");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote AIX host is missing a vendor-supplied security patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is missing AIX PTF U814193, which is related to the
    security of the package perl.rte.
    
    A buffer overflow vulnerability exists in the 'perl.rte' fileset. A
    remote attacker may execute arbitrary code if a Perl script executing
    on the system is listening on a network port. If exploited the
    attacker can execute arbitrary code with the same privileges as the
    script.
    
    For more details please visit :
    
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ10244"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install the appropriate missing security-related fix."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/12/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"AIX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp");
    
      exit(0);
    }
    
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("aix.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX");
    if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    flag = 0;
    
    if ( aix_check_patch(ml:"530006", patch:"U814193", package:"perl.rte.5.8.2.62") < 0 ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-3399.NASL
    description - Tue Apr 29 2008 Marcela Maslanova <mmaslano at redhat.com> - 4:5.8.8-29 - CVE-2008-1927 buffer overflow, when unicode character is used. - Thu Jan 31 2008 Tom
    last seen2020-06-01
    modified2020-06-02
    plugin id32105
    published2008-05-01
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/32105
    titleFedora 7 : perl-5.8.8-29.fc7 (2008-3399)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2008-3399.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(32105);
      script_version ("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:27");
    
      script_cve_id("CVE-2008-1927");
      script_bugtraq_id(28928);
      script_xref(name:"FEDORA", value:"2008-3399");
    
      script_name(english:"Fedora 7 : perl-5.8.8-29.fc7 (2008-3399)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Tue Apr 29 2008 Marcela Maslanova <mmaslano at
        redhat.com> - 4:5.8.8-29
    
        - CVE-2008-1927 buffer overflow, when unicode character
          is used.
    
        - Thu Jan 31 2008 Tom 'spot' Callaway <tcallawa at
          redhat.com> - 4:5.8.8-28
    
        - create /usr/lib/perl5/vendor_perl/5.8.8/auto and own
          it in base perl (resolves bugzilla 214580)
    
      - Mon Nov 26 2007 Tom 'spot' Callaway <tcallawa at
        redhat.com> - 4:5.8.8-27
    
        - break dep loop, fix bugzilla 397881
    
        - Mon Nov 12 2007 Tom 'spot' Callaway <tcallawa at
          redhat.com> - 4:5.8.8-26
    
        - fix for CVE-2007-5116
    
        - Thu Oct 25 2007 Tom 'spot' Callaway <tcallawa at
          redhat.com> - 4:5.8.8-25
    
        - patch from perl bug 24254, fix for RH bz 114271
    
        - Mon Oct 1 2007 Tom 'spot' Callaway <tcallawa at
          redhat.com> - 4:5.8.8-24
    
        - update DB_File to 1.815
    
        - Sat Aug 18 2007 Stepan Kasal <skasal at redhat.com> -
          4:5.8.8-23
    
        - Remove unnnecessary parens from the License tags.
    
        - Sat Aug 18 2007 Stepan Kasal <skasal at redhat.com> -
          4:5.8.8-22
    
        - Fix the License: tags.
    
        - Fri Aug 17 2007 Stepan Kasal <skasal at redhat.com> -
          4:5.8.8-21
    
        - Apply patch to skip hostname tests, since hostname
          lookup isn't available in Fedora buildroots by design.
    
      - Fri Aug 17 2007 Stepan Kasal <skasal at redhat.com> -
        4:5.8.8-20
    
        - perl rpm requires the corresponding version of
          perl-libs rpm
    
        - Resolves: rhbz#240540
    
        - Fri Jun 22 2007 Robin Norwood <rnorwood at redhat.com>
          - 4:5.8.8-19
    
        - Resolves: rhbz#196836
    
        - Apply upstream patch #28775, which fixes an issue
          where reblessing overloaded objects incurs significant
          performance penalty
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=443928"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2008-April/009632.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2cb594bb"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected perl package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/04/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC7", reference:"perl-5.8.8-29.fc7")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-552-1.NASL
    descriptionIt was discovered that Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id29237
    published2007-12-07
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/29237
    titleUbuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : perl vulnerability (USN-552-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-552-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29237);
      script_version("1.16");
      script_cvs_date("Date: 2019/08/02 13:33:01");
    
      script_cve_id("CVE-2007-5116");
      script_bugtraq_id(26350);
      script_xref(name:"USN", value:"552-1");
    
      script_name(english:"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : perl vulnerability (USN-552-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that Perl's regular expression library did not
    correctly handle certain UTF sequences. If a user or automated system
    were tricked into running a specially crafted regular expression, a
    remote attacker could crash the application or possibly execute
    arbitrary code with user privileges.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/552-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcgi-fast-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libperl-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libperl5.8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl-modules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl-suid");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/07");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! ereg(pattern:"^(6\.06|6\.10|7\.04|7\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 6.10 / 7.04 / 7.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"6.06", pkgname:"libcgi-fast-perl", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"libperl-dev", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"libperl5.8", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"perl", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"perl-base", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"perl-debug", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"perl-doc", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"perl-modules", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"perl-suid", pkgver:"5.8.7-10ubuntu1.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"libcgi-fast-perl", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"libperl-dev", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"libperl5.8", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"perl", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"perl-base", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"perl-debug", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"perl-doc", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"perl-modules", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"6.10", pkgname:"perl-suid", pkgver:"5.8.8-6ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"libcgi-fast-perl", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"libperl-dev", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"libperl5.8", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"perl", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"perl-base", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"perl-debug", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"perl-doc", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"perl-modules", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.04", pkgname:"perl-suid", pkgver:"5.8.8-7ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"libcgi-fast-perl", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"libperl-dev", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"libperl5.8", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"perl", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"perl-base", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"perl-debug", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"perl-doc", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"perl-modules", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"perl-suid", pkgver:"5.8.8-7ubuntu3.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libcgi-fast-perl / libperl-dev / libperl5.8 / perl / perl-base / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2007-3218.NASL
    descriptionResolves: CVE-2007-5116: perl regular expression UTF parsing errors Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id28188
    published2007-11-14
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/28188
    titleFedora 8 : perl-5.8.8-31.fc8 (2007-3218)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2007-0966.NASL
    descriptionUpdated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id37788
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37788
    titleCentOS 3 / 4 / 5 : perl (CESA-2007:0966)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_PERL-4665.NASL
    descriptionThis update fixes a buffer overflow in perl
    last seen2020-06-01
    modified2020-06-02
    plugin id29550
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29550
    titleSuSE 10 Security Update : perl (ZYPP Patch Number 4665)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2007-0966.NASL
    descriptionFrom Red Hat Security Advisory 2007:0966 : Updated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id67586
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67586
    titleOracle Linux 3 / 4 / 5 : perl (ELSA-2007-0966)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_5B47C2798CB511DC88780016179B2DD5.NASL
    descriptionRed Hat reports : A flaw was found in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id27813
    published2007-11-07
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27813
    titleFreeBSD : perl -- regular expressions unicode data buffer overflow (5b47c279-8cb5-11dc-8878-0016179b2dd5)
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_11964.NASL
    descriptionSpecially crafted regular expressions could lead to a buffer overflow in perl
    last seen2020-06-01
    modified2020-06-02
    plugin id41165
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41165
    titleSuSE9 Security Update : perl (YOU Patch Number 11964)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20071105_PERL_ON_SL4_X.NASL
    descriptionA flaw was found in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id60282
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60282
    titleScientific Linux Security Update : perl on SL4.x, SL3.x i386/x86_64
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2008-0001.NASL
    descriptionI Service Console package security updates a. OpenPegasus PAM Authentication Buffer Overflow Alexander Sotirov from VMware Security Research discovered a buffer overflow vulnerability in the OpenPegasus Management server. This flaw could be exploited by a malicious remote user on the service console network to gain root access to the service console. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5360 to this issue. b. Updated Samba package An issue where attackers on the service console management network can cause a stack-based buffer overflow in the reply_netbios_packet function of nmbd in Samba. On systems where Samba is being used as a WINS server, exploiting this vulnerability can allow remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request. An issue where attackers on the service console management network can exploit a vulnerability that occurs when Samba is configured as a Primary or Backup Domain controller. The vulnerability allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-5398 and CVE-2007-4572 to these issues. Note: By default Samba is not configured as a WINS server or a domain controller and ESX is not vulnerable unless the administrator has changed the default configuration. This vulnerability can be exploited remotely only if the attacker has access to the service console network. Security best practices provided by VMware recommend that the service console be isolated from the VM network. Please see http://www.vmware.com/resources/techresources/726 for more information on VMware security best practices. c. Updated util-linux package The patch addresses an issue where the mount and umount utilities in util-linux call the setuid and setgid functions in the wrong order and do not check the return values, which could allow attackers to gain elevated privileges via helper application such as mount.nfs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5191 to this issue. d. Updated Perl package The update addresses an issue where the regular expression engine in Perl can be used to issue a specially crafted regular expression that allows the attacker to run arbitrary code with the permissions level of the current Perl user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5116 to this issue. e. Updated OpenSSL package A flaw in the SSL_get_shared_ciphers() function could allow an attacker to cause a buffer overflow problem by sending ciphers to applications that use the function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-3108, and CVE-2007-5135 to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id40372
    published2009-07-27
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40372
    titleVMSA-2008-0001 : Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1400.NASL
    descriptionWill Drewry and Tavis Ormandy of the Google Security Team have discovered a UTF-8 related heap overflow in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id27804
    published2007-11-07
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27804
    titleDebian DSA-1400-1 : perl - heap overflow
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201412-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201412-11 (AMD64 x86 emulation base libraries: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id79964
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79964
    titleGLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IZ10244.NASL
    descriptionA buffer overflow vulnerability exists in the
    last seen2020-06-01
    modified2020-06-02
    plugin id64309
    published2013-01-30
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64309
    titleAIX 5.3 TL 5 : perl (IZ10244)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_122240.NASL
    descriptionSunOS 5.10_x86: Apache 2 mod_perl Perl cgi. Date this patch was last updated by Sun : Aug/08/08
    last seen2018-09-01
    modified2018-08-13
    plugin id33912
    published2008-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=33912
    titleSolaris 10 (x86) : 122240-03
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_122239.NASL
    descriptionSunOS 5.10: Apache 2 mod_perl Perl cgi pat. Date this patch was last updated by Sun : Aug/08/08
    last seen2018-09-01
    modified2018-08-13
    plugin id33908
    published2008-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=33908
    titleSolaris 10 (sparc) : 122239-03
  • NASL familyAIX Local Security Checks
    NASL idAIX_U815030.NASL
    descriptionThe remote host is missing AIX PTF U815030, which is related to the security of the package perl.rte.
    last seen2020-06-01
    modified2020-06-02
    plugin id32241
    published2008-05-13
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/32241
    titleAIX 5.2 TL 10 : perl.rte (U815030)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0966.NASL
    descriptionUpdated Perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl
    last seen2020-06-01
    modified2020-06-02
    plugin id27644
    published2007-11-06
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27644
    titleRHEL 3 / 4 / 5 : perl (RHSA-2007:0966)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_PERL-4675.NASL
    descriptionThis update fixes a buffer overflow in perl
    last seen2020-06-01
    modified2020-06-02
    plugin id28286
    published2007-11-20
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/28286
    titleopenSUSE 10 Security Update : perl (perl-4675)

Oval

accepted2013-04-29T04:07:35.977-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionBuffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
familyunix
idoval:org.mitre.oval:def:10669
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleBuffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
version27

Redhat

advisories
  • bugzilla
    id323571
    titleCVE-2007-5116 perl regular expression UTF parsing errors
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 4 is installed
        ovaloval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • commentperl-suidperl is earlier than 3:5.8.5-36.el4_5.2
            ovaloval:com.redhat.rhsa:tst:20070966001
          • commentperl-suidperl is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060605004
        • AND
          • commentperl is earlier than 3:5.8.5-36.el4_5.2
            ovaloval:com.redhat.rhsa:tst:20070966003
          • commentperl is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060605002
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentperl-suidperl is earlier than 4:5.8.8-10.el5_0.2
            ovaloval:com.redhat.rhsa:tst:20070966006
          • commentperl-suidperl is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070966007
        • AND
          • commentperl is earlier than 4:5.8.8-10.el5_0.2
            ovaloval:com.redhat.rhsa:tst:20070966008
          • commentperl is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070966009
    rhsa
    idRHSA-2007:0966
    released2008-01-08
    severityImportant
    titleRHSA-2007:0966: perl security update (Important)
  • rhsa
    idRHSA-2007:1011
rpms
  • perl-2:5.8.0-97.EL3
  • perl-3:5.8.5-36.el4_5.2
  • perl-4:5.8.8-10.el5_0.2
  • perl-CGI-2:2.89-97.EL3
  • perl-CPAN-2:1.61-97.EL3
  • perl-DB_File-2:1.806-97.EL3
  • perl-debuginfo-2:5.8.0-97.EL3
  • perl-debuginfo-3:5.8.5-36.el4_5.2
  • perl-debuginfo-4:5.8.8-10.el5_0.2
  • perl-suidperl-2:5.8.0-97.EL3
  • perl-suidperl-3:5.8.5-36.el4_5.2
  • perl-suidperl-4:5.8.8-10.el5_0.2
  • perl-4:5.8.8-5.el4s1_2
  • perl-debuginfo-4:5.8.8-5.el4s1_2
  • perl-suidperl-4:5.8.8-5.el4s1_2
  • ant-0:1.6.5-1jpp_1rh
  • avalon-logkit-0:1.2-2jpp_4rh
  • axis-0:1.2.1-1jpp_3rh
  • classpathx-jaf-0:1.0-2jpp_6rh
  • classpathx-mail-0:1.1.1-2jpp_8rh
  • geronimo-ejb-2.1-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-j2ee-1.4-apis-0:1.0-0.M4.1jpp_10rh
  • geronimo-j2ee-connector-1.5-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-j2ee-deployment-1.1-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-j2ee-management-1.0-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-jms-1.1-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-jsp-2.0-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-jta-1.0.1B-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-servlet-2.4-api-0:1.0-0.M4.1jpp_10rh
  • geronimo-specs-0:1.0-0.M4.1jpp_10rh
  • geronimo-specs-javadoc-0:1.0-0.M4.1jpp_10rh
  • jakarta-commons-modeler-0:2.0-3jpp_2rh
  • log4j-0:1.2.12-1jpp_1rh
  • mx4j-1:3.0.1-1jpp_4rh
  • pcsc-lite-0:1.3.3-3.el4
  • pcsc-lite-debuginfo-0:1.3.3-3.el4
  • pcsc-lite-doc-0:1.3.3-3.el4
  • pcsc-lite-libs-0:1.3.3-3.el4
  • rhpki-ca-0:7.3.0-20.el4
  • rhpki-java-tools-0:7.3.0-10.el4
  • rhpki-kra-0:7.3.0-14.el4
  • rhpki-manage-0:7.3.0-19.el4
  • rhpki-native-tools-0:7.3.0-6.el4
  • rhpki-ocsp-0:7.3.0-13.el4
  • rhpki-tks-0:7.3.0-13.el4
  • tomcat5-0:5.5.23-0jpp_4rh.16
  • tomcat5-common-lib-0:5.5.23-0jpp_4rh.16
  • tomcat5-jasper-0:5.5.23-0jpp_4rh.16
  • tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.16
  • tomcat5-server-lib-0:5.5.23-0jpp_4rh.16
  • tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.16
  • xerces-j2-0:2.7.1-1jpp_1rh
  • xml-commons-0:1.3.02-2jpp_1rh
  • xml-commons-apis-0:1.3.02-2jpp_1rh

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 26350 CVE(CAN) ID: CVE-2007-5116 Perl是一种免费且功能强大的编程语言。 Perl的正则表达式引擎在计算处理正则表达式所需空间的方式存在错误,本地攻击者可能利用此漏洞提升权限。 如果用户所发送到正则表达式中包含有Unicode数据的话,就会导致运行时自动切换到Unicode字符主题,之后再传送的表达式就可能触发堆溢出,导致在用户机器上执行任意指令。 Larry Wall Perl 5.8.8 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1400-1)以及相应补丁: DSA-1400-1:New perl packages fix arbitrary code execution 链接:<a href="http://www.debian.org/security/2007/dsa-1400" target="_blank">http://www.debian.org/security/2007/dsa-1400</a> 补丁下载: Source archives: <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.dsc" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.dsc</a> Size/MD5 checksum: 1031 653d1eaa085e027d325a520653e9785c <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.diff.gz" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.diff.gz</a> Size/MD5 checksum: 103931 b8c617d86f3baa2cd35bde936c0a76d5 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4.orig.tar.gz" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4.orig.tar.gz</a> Size/MD5 checksum: 12094233 912050a9cb6b0f415b76ba56052fb4cf Architecture independent components: <a href="http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.4-8sarge6_all.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.4-8sarge6_all.deb</a> Size/MD5 checksum: 38810 ff950bde09387a4023efff595fcb7b80 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.4-8sarge6_all.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.4-8sarge6_all.deb</a> Size/MD5 checksum: 7049010 803d0a25ddd6d3a75769b39fd44c1b21 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.4-8sarge6_all.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.4-8sarge6_all.deb</a> Size/MD5 checksum: 2178698 8f6bbe7db6414444fd5dbfb7786e6b76 Alpha architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_alpha.deb</a> Size/MD5 checksum: 804866 47b0bbfc0d2544132ac23e7bbd6fd81f <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_alpha.deb</a> Size/MD5 checksum: 1008 dddcaa51b3b5b67c881b49a996e83944 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_alpha.deb</a> Size/MD5 checksum: 3902134 e2170d1b691a118df3a3277e6f4b0af9 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_alpha.deb</a> Size/MD5 checksum: 874688 bdb3fc1c1e0bed8bc37292f12ec9e803 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_alpha.deb</a> Size/MD5 checksum: 4132780 e2539f2b62fd1a394f5424a534e9a51d <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_alpha.deb</a> Size/MD5 checksum: 37086 dd82f2321b96bc531e16857848bece42 AMD64 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_amd64.deb</a> Size/MD5 checksum: 605148 b613969a68e576543f18f56b1956e78e <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_amd64.deb</a> Size/MD5 checksum: 1000 613477a3ba3f93013fa7a7776022d8e9 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_amd64.deb</a> Size/MD5 checksum: 3834172 7f354043d2e7bbee72c710982e4f9074 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_amd64.deb</a> Size/MD5 checksum: 791816 3541cf654fc59dd564c7af6642fae4df <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_amd64.deb</a> Size/MD5 checksum: 3935362 38fb00c40a25985bf22cfe9805543349 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_amd64.deb</a> Size/MD5 checksum: 32846 2f8cd32f087f60c61457f73f75fe3781 ARM architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_arm.deb</a> Size/MD5 checksum: 613158 30cd5528198d49208274e50e60611b0a <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_arm.deb</a> Size/MD5 checksum: 1026 fc64aa8b67f46fcccb6d85db7cb242ad <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_arm.deb</a> Size/MD5 checksum: 3132808 226a69d4fa30d1e0a40f4d761826c230 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_arm.deb</a> Size/MD5 checksum: 737524 b4aaf84bd60fef147d1131c5ffbc6a0a <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_arm.deb</a> Size/MD5 checksum: 3719460 8e8d12058f9f7fb9e153d4c3ff79d0f4 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_arm.deb</a> Size/MD5 checksum: 29880 faa9dc0401eb667e202e12f2d2cf9643 HP Precision architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_hppa.deb</a> Size/MD5 checksum: 654704 4efe04a8f2a81c81860148da029a88a8 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_hppa.deb</a> Size/MD5 checksum: 1006 5081a0e11c583460919427c5b0c99a0d <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_hppa.deb</a> Size/MD5 checksum: 3922234 a2b4f6549b23dd3a6c11ff97b6377d3d <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_hppa.deb</a> Size/MD5 checksum: 867856 0955f80a504eb620dbab22129fe96dd3 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_hppa.deb</a> Size/MD5 checksum: 3910388 59e8e003f4d65c3e42785226c90d5466 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_hppa.deb</a> Size/MD5 checksum: 34496 46aee518b3411566edf62ea822e0edfd Intel IA-32 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_i386.deb</a> Size/MD5 checksum: 567034 2edc13b9a19f6291bb300bcc28b815bd <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_i386.deb</a> Size/MD5 checksum: 508698 9f275f4137b40e5cd465e3073527ad34 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_i386.deb</a> Size/MD5 checksum: 3239308 bd4934402fadbd7c6c6c00260a4ecb88 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_i386.deb</a> Size/MD5 checksum: 753218 4f70cd1586e664189be02a84247efe5d <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_i386.deb</a> Size/MD5 checksum: 3736626 8710f57842322a711abf6161f57e9bc1 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_i386.deb</a> Size/MD5 checksum: 31706 d4e08f75b79d3bb75b4bdea55d668b6f Intel IA-64 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_ia64.deb</a> Size/MD5 checksum: 866526 1f01d28dbc0d3fac81fbf120d048896a <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_ia64.deb</a> Size/MD5 checksum: 1000 07c5c9823c9ff29b96ce76c63e4dfd16 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_ia64.deb</a> Size/MD5 checksum: 4027978 0919c0c823170c46578a52df90f69cfc <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_ia64.deb</a> Size/MD5 checksum: 1046706 7f724a26677aa52c39182a5109bd3bf9 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_ia64.deb</a> Size/MD5 checksum: 4534722 9a16fed74de4e2e0c43b1135c15df9d3 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_ia64.deb</a> Size/MD5 checksum: 50106 e73b65a4b267ca99ba48ef64de4dfdc1 Motorola 680x0 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_m68k.deb</a> Size/MD5 checksum: 457778 f25f1ebbbb4a5ce7b7a4a79c6256987e <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_m68k.deb</a> Size/MD5 checksum: 1040 9882ea5db94e569a35209a66c74bb390 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_m68k.deb</a> Size/MD5 checksum: 3815032 321dd2b80abad424b678f260d18f323a <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_m68k.deb</a> Size/MD5 checksum: 692196 733bfa10857d842bd907f408b03a8b3d <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_m68k.deb</a> Size/MD5 checksum: 3008672 81a0d0613ebe7b9affcd56174e1f955c <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_m68k.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_m68k.deb</a> Size/MD5 checksum: 27934 68de12bace4cf3de7a339b25119b1611 Big endian MIPS architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_mips.deb</a> Size/MD5 checksum: 657066 7e2c9980c630b3aa1e60348a4998665a <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_mips.deb</a> Size/MD5 checksum: 1032 3da5c1e82b6194beac8fe7020a38d7a3 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_mips.deb</a> Size/MD5 checksum: 3384320 edfa53822abb7626b2bfd6ac4d5923df <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_mips.deb</a> Size/MD5 checksum: 781078 f4a7b2e1bbd95c9381503b382d35ba58 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_mips.deb</a> Size/MD5 checksum: 4017490 ddca3a084b7c9f1b841bd3f93e39a1d0 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_mips.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_mips.deb</a> Size/MD5 checksum: 32314 51f707f1c1d3df1c3ad05dc545512c10 Little endian MIPS architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_mipsel.deb</a> Size/MD5 checksum: 653134 bbb4600b3f9f2512fe9a9233bd06370e <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_mipsel.deb</a> Size/MD5 checksum: 1008 42770abda5e92de95a180097e8588304 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_mipsel.deb</a> Size/MD5 checksum: 3125468 db2214e0762dab59ebe7237fbe8d80b2 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_mipsel.deb</a> Size/MD5 checksum: 781866 c3b6aa7d16d60fc0a083601801d57cdd <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_mipsel.deb</a> Size/MD5 checksum: 3967958 2d941edd8a70f1461f4bc7ec9b97a396 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_mipsel.deb</a> Size/MD5 checksum: 32426 c16e24f77488ab690b9c73d33e9fd7be PowerPC architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_powerpc.deb</a> Size/MD5 checksum: 624852 fc0e31770a095b3180e8d29daac7ccc7 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_powerpc.deb</a> Size/MD5 checksum: 988 5668a4e4abcab40b924c2855c4c34f62 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_powerpc.deb</a> Size/MD5 checksum: 3509282 9e72e0a6a0d0108d701e9071e0ed4c3b <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_powerpc.deb</a> Size/MD5 checksum: 790186 fa6005f52c5a101e053dc24e5247f025 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_powerpc.deb</a> Size/MD5 checksum: 3700840 fe73cfba8f036b63839141d4a0564d49 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_powerpc.deb</a> Size/MD5 checksum: 33564 e6d5ea2116ea4f5332c1ce887aa9b727 IBM S/390 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_s390.deb</a> Size/MD5 checksum: 604302 92d8311292f70764bafc0b015818d39d <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_s390.deb</a> Size/MD5 checksum: 996 8870e77ca4719c8cc1c67f6ac15ee36c <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_s390.deb</a> Size/MD5 checksum: 3819836 84eed51f2f162825d3bda29af8ddb203 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_s390.deb</a> Size/MD5 checksum: 800590 ee302b41b1d011e089cb43db508415ef <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_s390.deb</a> Size/MD5 checksum: 4235554 367b0ca68cd88842507c781cbb0e1f84 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_s390.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_s390.deb</a> Size/MD5 checksum: 33240 54ef9ae270587bb4c88f0e2b25d73347 Sun Sparc architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_sparc.deb</a> Size/MD5 checksum: 582166 027797bd12344393503ebae3344dfd43 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_sparc.deb</a> Size/MD5 checksum: 1006 4183b345e38cd2dcbca8c24cf3d02918 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_sparc.deb</a> Size/MD5 checksum: 3547444 716f93769b9aa9c442044f9fe96c77c7 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_sparc.deb</a> Size/MD5 checksum: 775850 6ef7c40ecdd6e08dbb37d0c02f8c89a2 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_sparc.deb</a> Size/MD5 checksum: 3840628 e665c9ff077083f5719b7574e24fae05 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_sparc.deb</a> Size/MD5 checksum: 31038 64fcafc906130c016eb45f2394c5b4a8 Debian GNU/Linux 4.0 alias etch - ------------------------------- Source archives: <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.dsc" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.dsc</a> Size/MD5 checksum: 1033 92799d6842afb4c5a9cbf483591b2c36 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.diff.gz" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.diff.gz</a> Size/MD5 checksum: 93005 caec226784d13b4108af359206f4dfe9 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz</a> Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7 Architecture independent components: <a href="http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch1_all.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch1_all.deb</a> Size/MD5 checksum: 40906 ac1a3065102a3bb7920a976833f1d3cc <a href="http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch1_all.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch1_all.deb</a> Size/MD5 checksum: 7348690 c36b83c80b2c35515f3e6dec6451fda1 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch1_all.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch1_all.deb</a> Size/MD5 checksum: 2313532 915e64aecc9e15678125def5267ea809 Alpha architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_alpha.deb</a> Size/MD5 checksum: 821314 682e53e9c6736c48e31ea26e8697c870 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_alpha.deb</a> Size/MD5 checksum: 1016 252a644a15275db90c1a9273e6f3b854 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_alpha.deb</a> Size/MD5 checksum: 4135606 4925efac08f96859a7c8b47b886e0533 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_alpha.deb</a> Size/MD5 checksum: 877900 03dce75ac1f4c9765a24f6f25ba01251 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_alpha.deb</a> Size/MD5 checksum: 2928420 1a9ab7809416b7cfc068180646414576 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_alpha.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_alpha.deb</a> Size/MD5 checksum: 36248 927d991a17103561f701fb56d512279d AMD64 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_amd64.deb</a> Size/MD5 checksum: 630480 cdfbd258b8ee105250f389c3adfdc16e <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_amd64.deb</a> Size/MD5 checksum: 1010 101f7c5357740b63a670ae874a3a498a <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_amd64.deb</a> Size/MD5 checksum: 4238220 a2a9c0db784cc91e249f23e5564207bd <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_amd64.deb</a> Size/MD5 checksum: 808804 469c3fd8e358d917225dd49f987bbf8d <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_amd64.deb</a> Size/MD5 checksum: 2734912 d34da61c02d263e230b55f911d2dc748 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_amd64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_amd64.deb</a> Size/MD5 checksum: 32798 afac9013d139c7ab1276f50cc35f4512 ARM architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_arm.deb</a> Size/MD5 checksum: 561934 9739f475931e29fb26e23873df727e04 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_arm.deb</a> Size/MD5 checksum: 1018 77926e3d601fe1ed9bd75ef5a854d4e4 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_arm.deb</a> Size/MD5 checksum: 3412144 73c5f41073926ea641d06032b0c5d228 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_arm.deb</a> Size/MD5 checksum: 760246 574a68af0f13bc1a80d97c0eaa9ca4fc <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_arm.deb</a> Size/MD5 checksum: 2545942 7fb21c951bfd70b24e9b63a4025059f4 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_arm.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_arm.deb</a> Size/MD5 checksum: 30358 ed5a223824e775a2e37b8e492e25abcb HP Precision architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_hppa.deb</a> Size/MD5 checksum: 693944 441ce7894fc9d46c3a285b8681097a24 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_hppa.deb</a> Size/MD5 checksum: 1014 068b7030ce2e74328a567f560690e208 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_hppa.deb</a> Size/MD5 checksum: 4192184 916514f48c2d5ab511aac0c9d878d133 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_hppa.deb</a> Size/MD5 checksum: 868288 7eb4c3e38c25285bc6a0ab6dc5a1d770 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_hppa.deb</a> Size/MD5 checksum: 2735540 ff004f914a26621775d0247834e78cae <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_hppa.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_hppa.deb</a> Size/MD5 checksum: 33210 c035eeb23dc4a1e04444065ae75f7b24 Intel IA-32 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_i386.deb</a> Size/MD5 checksum: 585382 a27a344126f78b50c6874887ba8a7dec <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_i386.deb</a> Size/MD5 checksum: 526956 2ae05903f4a08189e5319c4ca869828a <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_i386.deb</a> Size/MD5 checksum: 3578468 e6a886c21a58d96083d0385ef602df75 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_i386.deb</a> Size/MD5 checksum: 762180 e7d2c75b547db6c71e77395461c62e82 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_i386.deb</a> Size/MD5 checksum: 2491880 f01678cc32a118929a22ee765ccd4768 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_i386.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_i386.deb</a> Size/MD5 checksum: 32094 56c5c6dded2172596d6bbea68d94068e Intel IA-64 architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_ia64.deb</a> Size/MD5 checksum: 977484 94fd1bb72f48559786abedc8b0ea6107 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_ia64.deb</a> Size/MD5 checksum: 1006 9272b8f38e0b68c7143401bbe0dd10b3 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_ia64.deb</a> Size/MD5 checksum: 4335608 4caae66d357b7c8f6a9d3b6ec1b98ac1 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_ia64.deb</a> Size/MD5 checksum: 1153272 e61d597589339745c714ada2fa54d397 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_ia64.deb</a> Size/MD5 checksum: 3364174 d31a368b96392b89af59fbb529c81d20 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_ia64.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_ia64.deb</a> Size/MD5 checksum: 51270 84b6fde3b7ed1898b59267b994efb4ff Little endian MIPS architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_mipsel.deb</a> Size/MD5 checksum: 687114 8973b906567dd752c73039a89dcb14ee <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_mipsel.deb</a> Size/MD5 checksum: 1012 47029166d1e495ad05a251d4946fbdc2 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_mipsel.deb</a> Size/MD5 checksum: 3413386 5ff0e279c6934b01d4bf163a5b171584 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_mipsel.deb</a> Size/MD5 checksum: 784352 dece00126cd1cf8c07ec673bd8043e6d <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_mipsel.deb</a> Size/MD5 checksum: 2729528 194373b4343008cc33b345744b7935fa <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_mipsel.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_mipsel.deb</a> Size/MD5 checksum: 32336 98092e70a5ea30153ec32f1d87cde1e4 PowerPC architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_powerpc.deb</a> Size/MD5 checksum: 653158 7b39e1fb1a940e19ebe4e9df9f6c1abb <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_powerpc.deb</a> Size/MD5 checksum: 1010 4f68cd00058bfe50e5353cc2f1027e30 <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_powerpc.deb</a> Size/MD5 checksum: 3824518 514b283d68bdb8ab5f8211b86fba6dd7 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_powerpc.deb</a> Size/MD5 checksum: 810514 54511356fc749a7518d6339d4832ab3e <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_powerpc.deb</a> Size/MD5 checksum: 2709230 f62606ee2641c529eed8d6f2aff8489e <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_powerpc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_powerpc.deb</a> Size/MD5 checksum: 32902 de438d275e8c95f5dba5096386f3bdbd Sun Sparc architecture: <a href="http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_sparc.deb</a> Size/MD5 checksum: 594254 32f78d47a9fdb90ac99363642330cea5 <a href="http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_sparc.deb</a> Size/MD5 checksum: 1012 b4cdde1e439f59c484701a503271f3ba <a href="http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_sparc.deb</a> Size/MD5 checksum: 3796708 d85383c57b38d1da74f5d4fed6e33c02 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_sparc.deb</a> Size/MD5 checksum: 783042 675e8693a697b670936108a3baeded7f <a href="http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_sparc.deb</a> Size/MD5 checksum: 2565704 7419d49d4b7ac54b849d432177a3ff36 <a href="http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_sparc.deb" target="_blank">http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_sparc.deb</a> Size/MD5 checksum: 31072 40d9e6abb0fd11019912c4877c8bf3ac 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade RedHat ------ RedHat已经为此发布了安全公告(RHSA-2007:1011-01,RHSA-2007:0966-01)以及相应补丁: RHSA-2007:1011-01:Important: perl security update 链接:<a href="https://www.redhat.com/support/errata/RHSA-2007-1011.html" target="_blank">https://www.redhat.com/support/errata/RHSA-2007-1011.html</a> RHSA-2007:0966-01:Important: perl security update 链接:<a href="https://www.redhat.com/support/errata/RHSA-2007-0966.html" target="_blank">https://www.redhat.com/support/errata/RHSA-2007-0966.html</a>
idSSV:2397
last seen2017-11-19
modified2007-11-08
published2007-11-08
reporterRoot
titlePerl Unicode正则表达式堆溢出漏洞

References