Vulnerabilities > CVE-2018-18311 - Integer Overflow or Wraparound vulnerability in multiple products

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Vulnerable Configurations

Part Description Count
Application
Perl
426
Application
Netapp
4
Application
Redhat
1
Application
Mcafee
37
OS
Canonical
5
OS
Debian
2
OS
Redhat
11
OS
Apple
158
OS
Fedoraproject
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-CA03363D57.NASL
    descriptionSecurity fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120786
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120786
    titleFedora 28 : 4:perl (2018-ca03363d57)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2018-ca03363d57.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(120786);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314");
      script_xref(name:"FEDORA", value:"2018-ca03363d57");
    
      script_name(english:"Fedora 28 : 4:perl (2018-ca03363d57)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and
    CVE-2018-18314
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ca03363d57"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected 4:perl package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:4:perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/12/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^28([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC28", reference:"perl-5.26.3-415.fc28", epoch:"4")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "4:perl");
    }
    
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0212_MYSQL.NASL
    descriptionAn update of the mysql package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122922
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122922
    titlePhoton OS 1.0: Mysql PHSA-2019-1.0-0212
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2019-1.0-0212. The text
    # itself is copyright (C) VMware, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(122922);
      script_version("1.2");
      script_cvs_date("Date: 2020/02/04");
    
      script_cve_id("CVE-2018-3155", "CVE-2019-2534");
    
      script_name(english:"Photon OS 1.0: Mysql PHSA-2019-1.0-0212");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote PhotonOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "An update of the mysql package has been released.");
      script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-1.0-212.md");
      script_set_attribute(attribute:"solution", value:
    "Update the affected Linux packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-18311");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/03/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/18");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:mysql");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.25-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.25-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.25-1.ph1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1717.NASL
    descriptionAccording to the version of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.(CVE-2018-18311) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-07-22
    plugin id126845
    published2019-07-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126845
    titleEulerOS 2.0 SP2 : perl (EulerOS-SA-2019-1717)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126845);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id(
        "CVE-2018-18311"
      );
    
      script_name(english:"EulerOS 2.0 SP2 : perl (EulerOS-SA-2019-1717)");
      script_summary(english:"Checks the rpm output for the updated package.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "According to the version of the perl packages installed, the EulerOS
    installation on the remote host is affected by the following
    vulnerability :
    
      - Perl before 5.26.3 and 5.28.x before 5.28.1 has a
        buffer overflow via a crafted regular expression that
        triggers invalid write operations.(CVE-2018-18311)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1717
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2228669f");
      script_set_attribute(attribute:"solution", value:
    "Update the affected perl package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/22");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perl-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perl-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perl-macros");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["perl-5.16.3-285.h3",
            "perl-core-5.16.3-285.h3",
            "perl-devel-5.16.3-285.h3",
            "perl-libs-5.16.3-285.h3",
            "perl-macros-5.16.3-285.h3"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1180.NASL
    descriptionPerl has a buffer overflow via a crafted regular expression that triggers invalid write operations. (CVE-2018-18311)
    last seen2020-06-01
    modified2020-06-02
    plugin id123088
    published2019-03-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123088
    titleAmazon Linux AMI : perl (ALAS-2019-1180)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2019-1180.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(123088);
      script_version("1.2");
      script_cvs_date("Date: 2020/02/03");
    
      script_cve_id("CVE-2018-18311");
      script_xref(name:"ALAS", value:"2019-1180");
    
      script_name(english:"Amazon Linux AMI : perl (ALAS-2019-1180)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Perl has a buffer overflow via a crafted regular expression that
    triggers invalid write operations. (CVE-2018-18311)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2019-1180.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update perl' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-CPAN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-ExtUtils-CBuilder");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-ExtUtils-Embed");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-ExtUtils-Install");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-IO-Zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Locale-Maketext-Simple");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-CoreList");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-Loaded");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Object-Accessor");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Package-Constants");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Pod-Escapes");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Time-Piece");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-macros");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-tests");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/03/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"perl-5.16.3-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-CPAN-1.9800-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-ExtUtils-CBuilder-0.28.2.6-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-ExtUtils-Embed-1.30-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-ExtUtils-Install-1.58-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-IO-Zlib-1.10-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-Locale-Maketext-Simple-0.21-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-Module-CoreList-2.76.02-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-Module-Loaded-0.08-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-Object-Accessor-0.42-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-Package-Constants-0.02-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-Pod-Escapes-1.04-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-Time-Piece-1.20.1-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-core-5.16.3-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-debuginfo-5.16.3-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-devel-5.16.3-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-libs-5.16.3-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-macros-5.16.3-294.43.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"perl-tests-5.16.3-294.43.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl / perl-CPAN / perl-ExtUtils-CBuilder / perl-ExtUtils-Embed / etc");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3834-1.NASL
    descriptionJayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313) Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-13
    modified2018-12-04
    plugin id119337
    published2018-12-04
    reporterUbuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119337
    titleUbuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : perl vulnerabilities (USN-3834-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-3834-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(119337);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/19");
    
      script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314");
      script_xref(name:"USN", value:"3834-1");
      script_xref(name:"IAVA", value:"2018-A-0407-S");
    
      script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : perl vulnerabilities (USN-3834-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "Jayakrishna Menon discovered that Perl incorrectly handled
    Perl_my_setenv. An attacker could use this issue to cause Perl to
    crash, resulting in a denial of service, or possibly execute arbitrary
    code. (CVE-2018-18311)
    
    Eiichi Tsukata discovered that Perl incorrectly handled certain
    regular expressions. An attacker could use this issue to cause Perl to
    crash, resulting in a denial of service, or possibly execute arbitrary
    code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and
    Ubuntu 18.10. (CVE-2018-18312)
    
    Eiichi Tsukata discovered that Perl incorrectly handled certain
    regular expressions. An attacker could use this issue to cause Perl to
    crash, resulting in a denial of service. (CVE-2018-18313)
    
    Jakub Wilk discovered that Perl incorrectly handled certain regular
    expressions. An attacker could use this issue to cause Perl to crash,
    resulting in a denial of service. This issue only affected Ubuntu
    16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/3834-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected perl package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/12/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(14\.04|16\.04|18\.04|18\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04 / 16.04 / 18.04 / 18.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"14.04", pkgname:"perl", pkgver:"5.18.2-2ubuntu1.7")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"perl", pkgver:"5.22.1-9ubuntu0.6")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"perl", pkgver:"5.26.1-6ubuntu0.3")) flag++;
    if (ubuntu_check(osver:"18.10", pkgname:"perl", pkgver:"5.26.2-7ubuntu0.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190122_PERL_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311)
    last seen2020-03-18
    modified2019-01-23
    plugin id121326
    published2019-01-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121326
    titleScientific Linux Security Update : perl on SL7.x x86_64 (20190122)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1238.NASL
    descriptionAccording to the version of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.i1/4^CVE-2018-18311i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-19
    modified2019-04-04
    plugin id123706
    published2019-04-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123706
    titleEulerOS Virtualization 2.5.4 : perl (EulerOS-SA-2019-1238)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0212_LIBSOLV.NASL
    descriptionAn update of the libsolv package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122921
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122921
    titlePhoton OS 1.0: Libsolv PHSA-2019-1.0-0212
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2264-1.NASL
    descriptionThis update for perl fixes the following issues : Security issue fixed : CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id128471
    published2019-09-03
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128471
    titleSUSE SLED12 / SLES12 Security Update : perl (SUSE-SU-2019:2264-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201909-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201909-01 (Perl: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id128590
    published2019-09-09
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128590
    titleGLSA-201909-01 : Perl: Multiple vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1601.NASL
    descriptionJayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id119311
    published2018-12-01
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119311
    titleDebian DLA-1601-1 : perl security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1029.NASL
    descriptionThis update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id123159
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123159
    titleopenSUSE Security Update : perl (openSUSE-2019-1029)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0054_PERL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has perl packages installed that are affected by a vulnerability: - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. (CVE-2018-18311) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127242
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127242
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : perl Vulnerability (NS-SA-2019-0054)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1401.NASL
    descriptionAccording to the version of the perl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.i1/4^CVE-2018-18311i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-19
    modified2019-05-14
    plugin id124904
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124904
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : perl (EulerOS-SA-2019-1401)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1166.NASL
    descriptionPerl has a buffer overflow via a crafted regular expression that triggers invalid write operations.(CVE-2018-18311)
    last seen2020-06-01
    modified2020-06-02
    plugin id122672
    published2019-03-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122672
    titleAmazon Linux 2 : perl (ALAS-2019-1166)
  • NASL familyMisc.
    NASL idORACLE_ENTERPRISE_MANAGER_APR_2020_CPU.NASL
    descriptionThe version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2020 CPU advisory. - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. (CVE-2018-18311) - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j). (CVE-2019-1543) - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in takeover of Enterprise Manager Base Platform. (CVE-2020-2961) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-04-16
    plugin id135679
    published2020-04-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135679
    titleOracle Enterprise Manager Cloud Control (Apr 2020 CPU)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1942.NASL
    descriptionAn update for perl is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es) : * perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127629
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127629
    titleRHEL 7 : perl (RHSA-2019:1942)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2400.NASL
    descriptionAn update for perl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es) : * perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127717
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127717
    titleRHEL 7 : perl (RHSA-2019:2400)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0212_PYTHON3.NASL
    descriptionAn update of the python3 package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122924
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122924
    titlePhoton OS 1.0: Python3 PHSA-2019-1.0-0212
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0212_RSYSLOG.NASL
    descriptionAn update of the rsyslog package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122925
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122925
    titlePhoton OS 1.0: Rsyslog PHSA-2019-1.0-0212
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_10_14_4.NASL
    descriptionThe remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.4. It is, therefore, affected by multiple vulnerabilities, including: - Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. (CVE-2019-8508) - An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8529) - A malicious application may be able to execute arbitrary code with system privileges (CVE-2019-8549)
    last seen2020-06-01
    modified2020-06-02
    plugin id123128
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123128
    titlemacOS 10.14.x < 10.14.4 Multiple Vulnerabilities
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_SECUPD_10_13_6_2019-002.NASL
    descriptionThe remote host is running macOS 10.13.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities including: - An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8529) - A local user may be able to read kernel memory. (CVE-2019-8504) - A malicious application may be able to determine kernel memory layout. (CVE-2019-6207, CVE-2019-8510) - 802.1X - DiskArbitration - Feedback Assistant - IOKit - IOKit SCSI - Kernel - PackageKit - Perl - Security - Time Machine - Wi-Fi
    last seen2020-03-18
    modified2019-03-27
    plugin id123130
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123130
    titlemacOS 10.13.6 Multiple Vulnerabilities (Security Update 2019-002)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_SECUPD_10_12_6_2019-002.NASL
    descriptionThe remote host is running Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities including: - A malicious application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8555) - A malicious application may be able to determine kernel memory layout. (CVE-2019-6207, CVE-2019-8510) - A malicious application may be able to read restricted memory. (CVE-2019-8520) - 802.1X - DiskArbitration - Feedback Assistant - IOKit - IOKit SCSI - Kernel - PackageKit - Perl - Security - Time Machine - Wi-Fi
    last seen2020-06-01
    modified2020-06-02
    plugin id123129
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123129
    titlemacOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-002)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4347.NASL
    descriptionMultiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. - CVE-2018-18312 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow write during compilation, potentially allowing arbitrary code execution. - CVE-2018-18313 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow read during compilation which leads to information leak. - CVE-2018-18314 Jakub Wilk discovered that a specially crafted regular expression could lead to a heap-based buffer overflow.
    last seen2020-06-01
    modified2020-06-02
    plugin id119290
    published2018-11-30
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119290
    titleDebian DSA-4347-1 : perl - security update
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-0109.NASL
    descriptionFrom Red Hat Security Advisory 2019:0109 : An update for perl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es) : * perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Perl project for reporting this issue. Upstream acknowledges Jayakrishna Menon as the original reporter.
    last seen2020-03-18
    modified2019-01-22
    plugin id121279
    published2019-01-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121279
    titleOracle Linux 7 : perl (ELSA-2019-0109)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-4187-1.NASL
    descriptionThis update for perl fixes the following issues : Secuirty issues fixed : CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2019-01-02
    plugin id120189
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120189
    titleSUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2018:4187-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1464.NASL
    descriptionAccording to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.(CVE-2018-18311) - It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives. An attacker, able to provide a specially crafted archive for processing, could use this flaw to write or overwrite arbitrary files in the context of the Perl interpreter.(CVE-2018-12015) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124967
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124967
    titleEulerOS Virtualization 3.0.1.0 : perl (EulerOS-SA-2019-1464)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0212_UTIL.NASL
    descriptionAn update of the util package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122926
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122926
    titlePhoton OS 1.0: Util PHSA-2019-1.0-0212
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-1595.NASL
    descriptionThis update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-05
    modified2018-12-24
    plugin id119863
    published2018-12-24
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119863
    titleopenSUSE Security Update : perl (openSUSE-2018-1595)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1039.NASL
    descriptionAccording to the version of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.(CVE-2018-18311) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-02-15
    plugin id122212
    published2019-02-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122212
    titleEulerOS 2.0 SP5 : perl (EulerOS-SA-2019-1039)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0212_KEEPALIVED.NASL
    descriptionAn update of the keepalived package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122920
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122920
    titlePhoton OS 1.0: Keepalived PHSA-2019-1.0-0212
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-0109.NASL
    descriptionAn update for perl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es) : * perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Perl project for reporting this issue. Upstream acknowledges Jayakrishna Menon as the original reporter.
    last seen2020-03-18
    modified2019-01-22
    plugin id121280
    published2019-01-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121280
    titleRHEL 7 : perl (RHSA-2019:0109)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-0109.NASL
    descriptionAn update for perl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es) : * perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Perl project for reporting this issue. Upstream acknowledges Jayakrishna Menon as the original reporter.
    last seen2020-03-17
    modified2019-01-25
    plugin id121371
    published2019-01-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121371
    titleCentOS 7 : perl (CESA-2019:0109)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-9DBE983805.NASL
    descriptionSecurity fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120656
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120656
    titleFedora 29 : 4:perl (2018-9dbe983805)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-2_0-0135_PERL.NASL
    descriptionAn update of the perl package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122912
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122912
    titlePhoton OS 2.0: Perl PHSA-2019-2.0-0135
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1099.NASL
    descriptionAccording to the version of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.(CVE-2018-18311) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-03-26
    plugin id123112
    published2019-03-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123112
    titleEulerOS 2.0 SP3 : perl (EulerOS-SA-2019-1099)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1790.NASL
    descriptionAn update for perl is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es) : * perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126758
    published2019-07-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126758
    titleRHEL 7 : perl (RHSA-2019:1790)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1239.NASL
    descriptionAccording to the version of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.i1/4^CVE-2018-18311i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-19
    modified2019-04-04
    plugin id123707
    published2019-04-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123707
    titleEulerOS Virtualization 2.5.3 : perl (EulerOS-SA-2019-1239)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0212_PERL.NASL
    descriptionAn update of the perl package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id122923
    published2019-03-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122923
    titlePhoton OS 1.0: Perl PHSA-2019-1.0-0212

Redhat

advisories
  • bugzilla
    id1646730
    titleCVE-2018-18311 perl: Integer overflow leading to buffer overflow in Perl_my_setenv()
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentperl-tests is earlier than 4:5.16.3-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109001
          • commentperl-tests is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20190109002
        • AND
          • commentperl is earlier than 4:5.16.3-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109003
          • commentperl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558076
        • AND
          • commentperl-devel is earlier than 4:5.16.3-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109005
          • commentperl-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558050
        • AND
          • commentperl-libs is earlier than 4:5.16.3-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109007
          • commentperl-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558040
        • AND
          • commentperl-Time-Piece is earlier than 0:1.20.1-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109009
          • commentperl-Time-Piece is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558014
        • AND
          • commentperl-macros is earlier than 4:5.16.3-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109011
          • commentperl-macros is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20190109012
        • AND
          • commentperl-core is earlier than 0:5.16.3-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109013
          • commentperl-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558022
        • AND
          • commentperl-CPAN is earlier than 0:1.9800-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109015
          • commentperl-CPAN is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558082
        • AND
          • commentperl-Object-Accessor is earlier than 1:0.42-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109017
          • commentperl-Object-Accessor is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558046
        • AND
          • commentperl-ExtUtils-Install is earlier than 0:1.58-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109019
          • commentperl-ExtUtils-Install is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20190109020
        • AND
          • commentperl-Locale-Maketext-Simple is earlier than 1:0.21-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109021
          • commentperl-Locale-Maketext-Simple is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558004
        • AND
          • commentperl-Module-CoreList is earlier than 1:2.76.02-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109023
          • commentperl-Module-CoreList is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558066
        • AND
          • commentperl-Package-Constants is earlier than 1:0.02-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109025
          • commentperl-Package-Constants is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558026
        • AND
          • commentperl-ExtUtils-Embed is earlier than 0:1.30-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109027
          • commentperl-ExtUtils-Embed is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558020
        • AND
          • commentperl-Pod-Escapes is earlier than 1:1.04-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109029
          • commentperl-Pod-Escapes is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558032
        • AND
          • commentperl-IO-Zlib is earlier than 1:1.10-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109031
          • commentperl-IO-Zlib is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558028
        • AND
          • commentperl-ExtUtils-CBuilder is earlier than 1:0.28.2.6-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109033
          • commentperl-ExtUtils-CBuilder is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558074
        • AND
          • commentperl-Module-Loaded is earlier than 1:0.08-294.el7_6
            ovaloval:com.redhat.rhsa:tst:20190109035
          • commentperl-Module-Loaded is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110558062
    rhsa
    idRHSA-2019:0109
    released2019-01-21
    severityImportant
    titleRHSA-2019:0109: perl security update (Important)
  • rhsa
    idRHBA-2019:0327
  • rhsa
    idRHSA-2019:0001
  • rhsa
    idRHSA-2019:0010
  • rhsa
    idRHSA-2019:1790
  • rhsa
    idRHSA-2019:1942
  • rhsa
    idRHSA-2019:2400
rpms
  • rh-perl526-perl-4:5.26.3-405.el7
  • rh-perl526-perl-Attribute-Handlers-0:0.99-405.el7
  • rh-perl526-perl-Devel-Peek-0:1.26-405.el7
  • rh-perl526-perl-Devel-SelfStubber-0:1.06-405.el7
  • rh-perl526-perl-Errno-0:1.28-405.el7
  • rh-perl526-perl-ExtUtils-Embed-0:1.34-405.el7
  • rh-perl526-perl-ExtUtils-Miniperl-0:1.06-405.el7
  • rh-perl526-perl-IO-0:1.38-405.el7
  • rh-perl526-perl-IO-Zlib-1:1.10-405.el7
  • rh-perl526-perl-Locale-Maketext-Simple-1:0.21-405.el7
  • rh-perl526-perl-Math-Complex-0:1.59-405.el7
  • rh-perl526-perl-Memoize-0:1.03-405.el7
  • rh-perl526-perl-Module-CoreList-1:5.20181130-1.el7
  • rh-perl526-perl-Module-CoreList-tools-1:5.20181130-1.el7
  • rh-perl526-perl-Module-Loaded-1:0.08-405.el7
  • rh-perl526-perl-Net-Ping-0:2.55-405.el7
  • rh-perl526-perl-Pod-Html-0:1.22.02-405.el7
  • rh-perl526-perl-SelfLoader-0:1.23-405.el7
  • rh-perl526-perl-Test-0:1.30-405.el7
  • rh-perl526-perl-Time-Piece-0:1.31-405.el7
  • rh-perl526-perl-debuginfo-4:5.26.3-405.el7
  • rh-perl526-perl-devel-4:5.26.3-405.el7
  • rh-perl526-perl-interpreter-4:5.26.3-405.el7
  • rh-perl526-perl-libnetcfg-4:5.26.3-405.el7
  • rh-perl526-perl-libs-4:5.26.3-405.el7
  • rh-perl526-perl-macros-4:5.26.3-405.el7
  • rh-perl526-perl-open-0:1.11-405.el7
  • rh-perl526-perl-tests-4:5.26.3-405.el7
  • rh-perl526-perl-utils-0:5.26.3-405.el7
  • rh-perl524-perl-4:5.24.0-381.el6
  • rh-perl524-perl-4:5.24.0-381.el7
  • rh-perl524-perl-Attribute-Handlers-0:0.99-381.el6
  • rh-perl524-perl-Attribute-Handlers-0:0.99-381.el7
  • rh-perl524-perl-Devel-Peek-0:1.23-381.el6
  • rh-perl524-perl-Devel-Peek-0:1.23-381.el7
  • rh-perl524-perl-Devel-SelfStubber-0:1.05-381.el6
  • rh-perl524-perl-Devel-SelfStubber-0:1.05-381.el7
  • rh-perl524-perl-Errno-0:1.25-381.el6
  • rh-perl524-perl-Errno-0:1.25-381.el7
  • rh-perl524-perl-ExtUtils-Embed-0:1.33-381.el6
  • rh-perl524-perl-ExtUtils-Embed-0:1.33-381.el7
  • rh-perl524-perl-ExtUtils-Miniperl-0:1.05-381.el6
  • rh-perl524-perl-ExtUtils-Miniperl-0:1.05-381.el7
  • rh-perl524-perl-IO-0:1.36-381.el6
  • rh-perl524-perl-IO-0:1.36-381.el7
  • rh-perl524-perl-IO-Zlib-1:1.10-381.el6
  • rh-perl524-perl-IO-Zlib-1:1.10-381.el7
  • rh-perl524-perl-Locale-Maketext-Simple-1:0.21-381.el6
  • rh-perl524-perl-Locale-Maketext-Simple-1:0.21-381.el7
  • rh-perl524-perl-Math-BigInt-FastCalc-0:0.40-381.el6
  • rh-perl524-perl-Math-BigInt-FastCalc-0:0.40-381.el7
  • rh-perl524-perl-Math-BigRat-0:0.2608.02-381.el6
  • rh-perl524-perl-Math-BigRat-0:0.2608.02-381.el7
  • rh-perl524-perl-Math-Complex-0:1.59-381.el6
  • rh-perl524-perl-Math-Complex-0:1.59-381.el7
  • rh-perl524-perl-Memoize-0:1.03-381.el6
  • rh-perl524-perl-Memoize-0:1.03-381.el7
  • rh-perl524-perl-Module-Loaded-1:0.08-381.el6
  • rh-perl524-perl-Module-Loaded-1:0.08-381.el7
  • rh-perl524-perl-Net-Ping-0:2.43-381.el6
  • rh-perl524-perl-Net-Ping-0:2.43-381.el7
  • rh-perl524-perl-Pod-Html-0:1.22-381.el6
  • rh-perl524-perl-Pod-Html-0:1.22-381.el7
  • rh-perl524-perl-SelfLoader-0:1.23-381.el6
  • rh-perl524-perl-SelfLoader-0:1.23-381.el7
  • rh-perl524-perl-Test-0:1.28-381.el6
  • rh-perl524-perl-Test-0:1.28-381.el7
  • rh-perl524-perl-Time-Piece-0:1.31-381.el6
  • rh-perl524-perl-Time-Piece-0:1.31-381.el7
  • rh-perl524-perl-bignum-0:0.42-381.el6
  • rh-perl524-perl-bignum-0:0.42-381.el7
  • rh-perl524-perl-core-0:5.24.0-381.el6
  • rh-perl524-perl-core-0:5.24.0-381.el7
  • rh-perl524-perl-debuginfo-4:5.24.0-381.el6
  • rh-perl524-perl-debuginfo-4:5.24.0-381.el7
  • rh-perl524-perl-devel-4:5.24.0-381.el6
  • rh-perl524-perl-devel-4:5.24.0-381.el7
  • rh-perl524-perl-libnetcfg-4:5.24.0-381.el6
  • rh-perl524-perl-libnetcfg-4:5.24.0-381.el7
  • rh-perl524-perl-libs-4:5.24.0-381.el6
  • rh-perl524-perl-libs-4:5.24.0-381.el7
  • rh-perl524-perl-macros-4:5.24.0-381.el6
  • rh-perl524-perl-macros-4:5.24.0-381.el7
  • rh-perl524-perl-open-0:1.10-381.el6
  • rh-perl524-perl-open-0:1.10-381.el7
  • rh-perl524-perl-tests-4:5.24.0-381.el6
  • rh-perl524-perl-tests-4:5.24.0-381.el7
  • rh-perl524-perl-utils-0:5.24.0-381.el6
  • rh-perl524-perl-utils-0:5.24.0-381.el7
  • perl-4:5.16.3-294.el7_6
  • perl-CPAN-0:1.9800-294.el7_6
  • perl-ExtUtils-CBuilder-1:0.28.2.6-294.el7_6
  • perl-ExtUtils-Embed-0:1.30-294.el7_6
  • perl-ExtUtils-Install-0:1.58-294.el7_6
  • perl-IO-Zlib-1:1.10-294.el7_6
  • perl-Locale-Maketext-Simple-1:0.21-294.el7_6
  • perl-Module-CoreList-1:2.76.02-294.el7_6
  • perl-Module-Loaded-1:0.08-294.el7_6
  • perl-Object-Accessor-1:0.42-294.el7_6
  • perl-Package-Constants-1:0.02-294.el7_6
  • perl-Pod-Escapes-1:1.04-294.el7_6
  • perl-Time-Piece-0:1.20.1-294.el7_6
  • perl-core-0:5.16.3-294.el7_6
  • perl-debuginfo-4:5.16.3-294.el7_6
  • perl-devel-4:5.16.3-294.el7_6
  • perl-libs-4:5.16.3-294.el7_6
  • perl-macros-4:5.16.3-294.el7_6
  • perl-tests-4:5.16.3-294.el7_6
  • perl-4:5.16.3-292.el7_5.1
  • perl-CPAN-0:1.9800-292.el7_5.1
  • perl-ExtUtils-CBuilder-1:0.28.2.6-292.el7_5.1
  • perl-ExtUtils-Embed-0:1.30-292.el7_5.1
  • perl-ExtUtils-Install-0:1.58-292.el7_5.1
  • perl-IO-Zlib-1:1.10-292.el7_5.1
  • perl-Locale-Maketext-Simple-1:0.21-292.el7_5.1
  • perl-Module-CoreList-1:2.76.02-292.el7_5.1
  • perl-Module-Loaded-1:0.08-292.el7_5.1
  • perl-Object-Accessor-1:0.42-292.el7_5.1
  • perl-Package-Constants-1:0.02-292.el7_5.1
  • perl-Pod-Escapes-1:1.04-292.el7_5.1
  • perl-Time-Piece-0:1.20.1-292.el7_5.1
  • perl-core-0:5.16.3-292.el7_5.1
  • perl-debuginfo-4:5.16.3-292.el7_5.1
  • perl-devel-4:5.16.3-292.el7_5.1
  • perl-libs-4:5.16.3-292.el7_5.1
  • perl-macros-4:5.16.3-292.el7_5.1
  • perl-tests-4:5.16.3-292.el7_5.1
  • perl-4:5.16.3-292.el7_4.1
  • perl-CPAN-0:1.9800-292.el7_4.1
  • perl-ExtUtils-CBuilder-1:0.28.2.6-292.el7_4.1
  • perl-ExtUtils-Embed-0:1.30-292.el7_4.1
  • perl-ExtUtils-Install-0:1.58-292.el7_4.1
  • perl-IO-Zlib-1:1.10-292.el7_4.1
  • perl-Locale-Maketext-Simple-1:0.21-292.el7_4.1
  • perl-Module-CoreList-1:2.76.02-292.el7_4.1
  • perl-Module-Loaded-1:0.08-292.el7_4.1
  • perl-Object-Accessor-1:0.42-292.el7_4.1
  • perl-Package-Constants-1:0.02-292.el7_4.1
  • perl-Pod-Escapes-1:1.04-292.el7_4.1
  • perl-Time-Piece-0:1.20.1-292.el7_4.1
  • perl-core-0:5.16.3-292.el7_4.1
  • perl-debuginfo-4:5.16.3-292.el7_4.1
  • perl-devel-4:5.16.3-292.el7_4.1
  • perl-libs-4:5.16.3-292.el7_4.1
  • perl-macros-4:5.16.3-292.el7_4.1
  • perl-tests-4:5.16.3-292.el7_4.1
  • perl-4:5.16.3-291.el7_3.1
  • perl-CPAN-0:1.9800-291.el7_3.1
  • perl-ExtUtils-CBuilder-1:0.28.2.6-291.el7_3.1
  • perl-ExtUtils-Embed-0:1.30-291.el7_3.1
  • perl-ExtUtils-Install-0:1.58-291.el7_3.1
  • perl-IO-Zlib-1:1.10-291.el7_3.1
  • perl-Locale-Maketext-Simple-1:0.21-291.el7_3.1
  • perl-Module-CoreList-1:2.76.02-291.el7_3.1
  • perl-Module-Loaded-1:0.08-291.el7_3.1
  • perl-Object-Accessor-1:0.42-291.el7_3.1
  • perl-Package-Constants-1:0.02-291.el7_3.1
  • perl-Perl4-CoreLibs-0:0.001-291.el7_3.1
  • perl-Pod-Escapes-1:1.04-291.el7_3.1
  • perl-Time-Piece-0:1.20.1-291.el7_3.1
  • perl-core-0:5.16.3-291.el7_3.1
  • perl-debuginfo-4:5.16.3-291.el7_3.1
  • perl-devel-4:5.16.3-291.el7_3.1
  • perl-libs-4:5.16.3-291.el7_3.1
  • perl-macros-4:5.16.3-291.el7_3.1
  • perl-tests-4:5.16.3-291.el7_3.1