Vulnerabilities > CVE-2018-18314 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

critical

nessus

NVD

Published: 2018-12-07

Updated: 2023-11-07

Summary

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Vulnerable Configurations

Part	Description	Count
Application	Perl Perl Perl - Perl Perl 0.1 Perl Perl 0.2 Perl Perl 0.3 Perl Perl 0.4 Perl Perl 0.5 Perl Perl 0.52 Perl Perl 0.61 Perl Perl 0.62 Perl Perl 0.63 Perl Perl 0.64 Perl Perl 0.65 Perl Perl 0.66 Perl Perl 0.67 Perl Perl 0.68 Perl Perl 0.69 Perl Perl 0.70 Perl Perl 0.71 Perl Perl 0.72 Perl Perl 0.73 Perl Perl 0.80 Perl Perl 0.81 Perl Perl 0.82 Perl Perl 0.83 Perl Perl 0.84 Perl Perl 0.85 Perl Perl 0.86 Perl Perl 0.87 Perl Perl 0.88 Perl Perl 0.89 Perl Perl 0.90 Perl Perl 0.91 Perl Perl 0.92 Perl Perl 0.93 Perl Perl 0.94 Perl Perl 0.95 Perl Perl 0.96 Perl Perl 0.97 Perl Perl 0.98 Perl Perl 0.99 Perl Perl 1.00 Perl Perl 1.0.15 Perl Perl 1.0.16 Perl Perl 1.01 Perl Perl 1.20 Perl Perl 1.21 Perl Perl 1.22 Perl Perl 1.31 Perl Perl 1.32 Perl Perl 1.40 Perl Perl 1.41 Perl Perl 1.42 Perl Perl 1.43 Perl Perl 1.44 Perl Perl 1.45 Perl Perl 1.46 Perl Perl 1.47 Perl Perl 1.48 Perl Perl 1.49 Perl Perl 2.0.0 Perl Perl 2.1.0 Perl Perl 2.1.1 Perl Perl 2.1.2 Perl Perl 2.1.3 Perl Perl 2.2.0 Perl Perl 2.2.1 Perl Perl 2.2.2 Perl Perl 2.3.0 Perl Perl 2.4.0 Perl Perl 2.5.0 Perl Perl 2.5.1 Perl Perl 2.6.0 Perl Perl 2.6.1 Perl Perl 2.6.2 Perl Perl 2.6.3 Perl Perl 2.6.4 Perl Perl 2.6.5 Perl Perl 2.6.6 Perl Perl 2.7.0 Perl Perl 2.7.1 Perl Perl 2.7.2 Perl Perl 2.8.0 Perl Perl 2.8.1 Perl Perl 2.8.2 Perl Perl 2.8.3 Perl Perl 2.8.4 Perl Perl 2.8.5 Perl Perl 2.8.6 Perl Perl 2.8.7 Perl Perl 2.8.8 Perl Perl 2.9.0 Perl Perl 2.9.1 Perl Perl 2.9.2 Perl Perl 2.10.0 Perl Perl 2.10.1 Perl Perl 2.10.2 Perl Perl 2.10.3 Perl Perl 2.10.4 Perl Perl 2.10.5 Perl Perl 2.10.6 Perl Perl 2.10.7 Perl Perl 2.11.0 Perl Perl 2.11.1 Perl Perl 2.11.2 Perl Perl 2.11.3 Perl Perl 2.11.4 Perl Perl 2.11.5 Perl Perl 2.11.6 Perl Perl 2.11.7 Perl Perl 2.11.8 Perl Perl 2.12.0 Perl Perl 2.13.0 Perl Perl 2.14.0 Perl Perl 2.14.1 Perl Perl 2.15.0 Perl Perl 2.15.1 Perl Perl 2.16.0 Perl Perl 2.16.1 Perl Perl 2.17.0 Perl Perl 2.17.1 Perl Perl 2.17.2 Perl Perl 2.18.0 Perl Perl 2.18.1 Perl Perl 5.000 Perl Perl 5.000O Perl Perl 5.001 Perl Perl 5.001N Perl Perl 5.002 Perl Perl 5.002_01 Perl Perl 5.003 Perl Perl 5.003_01 Perl Perl 5.003_02 Perl Perl 5.003_03 Perl Perl 5.003_04 Perl Perl 5.003_05 Perl Perl 5.003_07 Perl Perl 5.003_08 Perl Perl 5.003_09 Perl Perl 5.003_10 Perl Perl 5.003_11 Perl Perl 5.003_12 Perl Perl 5.003_13 Perl Perl 5.003_14 Perl Perl 5.003_15 Perl Perl 5.003_16 Perl Perl 5.003_17 Perl Perl 5.003_18 Perl Perl 5.003_19 Perl Perl 5.003_20 Perl Perl 5.003_21 Perl Perl 5.003_22 Perl Perl 5.003_23 Perl Perl 5.003_24 Perl Perl 5.003_25 Perl Perl 5.003_26 Perl Perl 5.003_27 Perl Perl 5.003_28 Perl Perl 5.003_90 Perl Perl 5.003_91 Perl Perl 5.003_92 Perl Perl 5.003_93 Perl Perl 5.003_94 Perl Perl 5.003_95 Perl Perl 5.003_96 Perl Perl 5.003_97 Perl Perl 5.003_97A Perl Perl 5.003_97B Perl Perl 5.003_97C Perl Perl 5.003_97D Perl Perl 5.003_97E Perl Perl 5.003_97F Perl Perl 5.003_97G Perl Perl 5.003_97H Perl Perl 5.003_97I Perl Perl 5.003_97J Perl Perl 5.003_98 Perl Perl 5.003_99 Perl Perl 5.003_99A Perl Perl 5.004 Perl Perl 5.004_01 Perl Perl 5.004_02 Perl Perl 5.004_03 Perl Perl 5.004_04 Perl Perl 5.004_05 Perl Perl 5.005 Perl Perl 5.005_01 Perl Perl 5.005_02 Perl Perl 5.005_03 Perl Perl 5.005_04 Perl Perl 5.6 Perl Perl 5.6.0 Perl Perl 5.6.1 Perl Perl 5.6.2 Perl Perl 5.7.3 Perl Perl 5.8 Perl Perl 5.8.0 Perl Perl 5.8.1 Perl Perl 5.8.2 Perl Perl 5.8.3 Perl Perl 5.8.4 Perl Perl 5.8.5 Perl Perl 5.8.6 Perl Perl 5.8.7 Perl Perl 5.8.8 Perl Perl 5.8.9 Perl Perl 5.8.10 Perl Perl 5.9.0 Perl Perl 5.9.1 Perl Perl 5.9.2 Perl Perl 5.9.3 Perl Perl 5.9.4 Perl Perl 5.9.5 Perl Perl 5.10 Perl Perl 5.10.0 Perl Perl 5.10.1 Perl Perl 5.11.0 Perl Perl 5.11.1 Perl Perl 5.11.2 Perl Perl 5.11.3 Perl Perl 5.11.4 Perl Perl 5.11.5 Perl Perl 5.12.0 Perl Perl 5.12.1 Perl Perl 5.12.2 Perl Perl 5.12.3 Perl Perl 5.12.4 Perl Perl 5.12.5 Perl Perl 5.13.0 Perl Perl 5.13.1 Perl Perl 5.13.2 Perl Perl 5.13.3 Perl Perl 5.13.4 Perl Perl 5.13.5 Perl Perl 5.13.6 Perl Perl 5.13.7 Perl Perl 5.13.8 Perl Perl 5.13.9 Perl Perl 5.13.10 Perl Perl 5.13.11 Perl Perl 5.14.0 Perl Perl 5.14.1 Perl Perl 5.14.2 Perl Perl 5.14.3 Perl Perl 5.14.4 Perl Perl 5.15.0 Perl Perl 5.15.1 Perl Perl 5.15.2 Perl Perl 5.15.3 Perl Perl 5.15.4 Perl Perl 5.15.5 Perl Perl 5.15.6 Perl Perl 5.15.7 Perl Perl 5.15.8 Perl Perl 5.15.9 Perl Perl 5.16.0 Perl Perl 5.16.1 Perl Perl 5.16.2 Perl Perl 5.16.3 Perl Perl 5.17.0 Perl Perl 5.17.1 Perl Perl 5.17.2 Perl Perl 5.17.3 Perl Perl 5.17.4 Perl Perl 5.17.5 Perl Perl 5.17.6 Perl Perl 5.17.7 Perl Perl 5.17.7.0 Perl Perl 5.17.8 Perl Perl 5.17.9 Perl Perl 5.17.10 Perl Perl 5.17.11 Perl Perl 5.18.0 Perl Perl 5.18.1 Perl Perl 5.18.2 Perl Perl 5.18.3 Perl Perl 5.18.4 Perl Perl 5.19.0 Perl Perl 5.19.1 Perl Perl 5.19.2 Perl Perl 5.19.3 Perl Perl 5.19.4 Perl Perl 5.19.5 Perl Perl 5.19.6 Perl Perl 5.19.7 Perl Perl 5.19.8 Perl Perl 5.19.9 Perl Perl 5.19.10 Perl Perl 5.19.11 Perl Perl 5.20.0 Perl Perl 5.20.1 Perl Perl 5.20.2 Perl Perl 5.20.3 Perl Perl 5.21.0 Perl Perl 5.21.1 Perl Perl 5.21.2 Perl Perl 5.21.3 Perl Perl 5.21.4 Perl Perl 5.21.5 Perl Perl 5.21.6 Perl Perl 5.21.7 Perl Perl 5.21.8 Perl Perl 5.21.9 Perl Perl 5.21.10 Perl Perl 5.21.11 Perl Perl 5.22 Perl Perl 5.22.0 Perl Perl 5.22.1 Perl Perl 5.22.2 Perl Perl 5.22.3 Perl Perl 5.22.4 Perl Perl 5.23.0 Perl Perl 5.23.1 Perl Perl 5.23.2 Perl Perl 5.23.3 Perl Perl 5.23.4 Perl Perl 5.23.5 Perl Perl 5.23.6 Perl Perl 5.23.7 Perl Perl 5.23.8 Perl Perl 5.23.9 Perl Perl 5.24.0 Perl Perl 5.24.1 Perl Perl 5.24.2 Perl Perl 5.24.3 Perl Perl 5.24.4 Perl Perl 5.25.0 Perl Perl 5.25.1 Perl Perl 5.25.2 Perl Perl 5.25.3 Perl Perl 5.25.4 Perl Perl 5.25.5 Perl Perl 5.25.6 Perl Perl 5.25.7 Perl Perl 5.25.8 Perl Perl 5.25.9 Perl Perl 5.25.10 Perl Perl 5.25.11 Perl Perl 5.25.12 Perl Perl 5.26.0 Perl Perl 5.26.1 Perl Perl 5.26.2	421
Application	Netapp Netapp E Series Santricity OS Controller 11.0 Netapp E Series Santricity OS Controller 11.0.0 Netapp E Series Santricity OS Controller 11.20 Netapp E Series Santricity OS Controller 11.25 Netapp E Series Santricity OS Controller 11.30 Netapp E Series Santricity OS Controller 11.30.5R3 Netapp E Series Santricity OS Controller 11.40 Netapp Snap Creator Framework - Netapp Snapdrive - Netapp Snapcenter -	10
OS	Canonical Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10	4
OS	Debian Debian Debian Linux 9.0	1
OS	Redhat Redhat Enterprise Linux 7.4 Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 7.5 Redhat Enterprise Linux 7.6	5

Common Weakness Enumeration (CWE)

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Common Attack Pattern Enumeration and Classification (CAPEC)

Buffer Overflow via Environment Variables
This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
Client-side Injection-induced Buffer Overflow
This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
Filter Failure through Buffer Overflow
In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
MIME Conversion
An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2018-CA03363D57.NASL
description	Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2019-01-03
plugin id	120786
published	2019-01-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120786
title	Fedora 28 : 4:perl (2018-ca03363d57)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2018-ca03363d57. # include("compat.inc"); if (description) { script_id(120786); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_xref(name:"FEDORA", value:"2018-ca03363d57"); script_name(english:"Fedora 28 : 4:perl (2018-ca03363d57)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ca03363d57" ); script_set_attribute( attribute:"solution", value:"Update the affected 4:perl package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:4:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/12/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^28([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC28", reference:"perl-5.26.3-415.fc28", epoch:"4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "4:perl"); }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-3834-1.NASL
description	Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313) Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-13
modified	2018-12-04
plugin id	119337
published	2018-12-04
reporter	Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119337
title	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : perl vulnerabilities (USN-3834-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-3834-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(119337); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/19"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_xref(name:"USN", value:"3834-1"); script_xref(name:"IAVA", value:"2018-A-0407-S"); script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : perl vulnerabilities (USN-3834-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313) Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/3834-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected perl package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(14\.04\|16\.04\|18\.04\|18\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04 / 16.04 / 18.04 / 18.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"14.04", pkgname:"perl", pkgver:"5.18.2-2ubuntu1.7")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"perl", pkgver:"5.22.1-9ubuntu0.6")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"perl", pkgver:"5.26.1-6ubuntu0.3")) flag++; if (ubuntu_check(osver:"18.10", pkgname:"perl", pkgver:"5.26.2-7ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl"); }

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201909-01.NASL
description	The remote host is affected by the vulnerability described in GLSA-201909-01 (Perl: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	128590
published	2019-09-09
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128590
title	GLSA-201909-01 : Perl: Multiple vulnerabilities
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201909-01. # # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(128590); script_version("1.2"); script_cvs_date("Date: 2019/12/31"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314", "CVE-2018-6797", "CVE-2018-6798", "CVE-2018-6913"); script_xref(name:"GLSA", value:"201909-01"); script_name(english:"GLSA-201909-01 : Perl: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201909-01 (Perl: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201909-01" ); script_set_attribute( attribute:"solution", value: "All Perl users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.28.2'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/17"); script_set_attribute(attribute:"patch_publication_date", value:"2019/09/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-lang/perl", unaffected:make_list("ge 5.28.2"), vulnerable:make_list("lt 5.28.2"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Perl"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1029.NASL
description	This update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	123159
published	2019-03-27
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123159
title	openSUSE Security Update : perl (openSUSE-2019-1029)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1029. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(123159); script_version("1.2"); script_cvs_date("Date: 2020/01/31"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_name(english:"openSUSE Security Update : perl (openSUSE-2019-1029)"); script_summary(english:"Check for the openSUSE-2019-1029 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114674" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114675" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114681" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114686" ); script_set_attribute(attribute:"solution", value:"Update the affected perl packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"perl-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-base-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-base-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-debugsource-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-32bit-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-32bit-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-base-32bit-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-base-32bit-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-32bit / perl-32bit-debuginfo / perl / perl-base-32bit / etc"); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4347.NASL
description	Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. - CVE-2018-18312 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow write during compilation, potentially allowing arbitrary code execution. - CVE-2018-18313 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow read during compilation which leads to information leak. - CVE-2018-18314 Jakub Wilk discovered that a specially crafted regular expression could lead to a heap-based buffer overflow.
last seen	2020-06-01
modified	2020-06-02
plugin id	119290
published	2018-11-30
reporter	This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119290
title	Debian DSA-4347-1 : perl - security update
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4347. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(119290); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/19"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_xref(name:"DSA", value:"4347"); script_xref(name:"IAVA", value:"2018-A-0407-S"); script_name(english:"Debian DSA-4347-1 : perl - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. - CVE-2018-18312 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow write during compilation, potentially allowing arbitrary code execution. - CVE-2018-18313 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow read during compilation which leads to information leak. - CVE-2018-18314 Jakub Wilk discovered that a specially crafted regular expression could lead to a heap-based buffer overflow." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18311" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18312" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18313" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18314" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/perl" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/perl" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4347" ); script_set_attribute( attribute:"solution", value: "Upgrade the perl packages. For the stable distribution (stretch), these problems have been fixed in version 5.24.1-3+deb9u5." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/11/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"9.0", prefix:"libperl-dev", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"libperl5.24", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-base", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-debug", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-doc", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-modules-5.24", reference:"5.24.1-3+deb9u5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2018-4187-1.NASL
description	This update for perl fixes the following issues : Secuirty issues fixed : CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-18
modified	2019-01-02
plugin id	120189
published	2019-01-02
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120189
title	SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2018:4187-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:4187-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(120189); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/16"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_name(english:"SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2018:4187-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for perl fixes the following issues : Secuirty issues fixed : CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114674" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114675" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114681" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114686" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18311/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18312/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18313/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18314/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20184187-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1f588e88" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Module for Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2984=1 SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2984=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-base-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/12/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S\|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15\|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"perl-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-base-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-base-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-debugsource-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"perl-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-base-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-base-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-debugsource-5.26.1-7.6.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2018-1595.NASL
description	This update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-05
modified	2018-12-24
plugin id	119863
published	2018-12-24
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119863
title	openSUSE Security Update : perl (openSUSE-2018-1595)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2018-9DBE983805.NASL
description	Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2019-01-03
plugin id	120656
published	2019-01-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120656
title	Fedora 29 : 4:perl (2018-9dbe983805)

Redhat

advisories

rhsa
id RHSA-2019:0001
rhsa
id RHSA-2019:0010

rpms

rh-perl526-perl-4:5.26.3-405.el7
rh-perl526-perl-Attribute-Handlers-0:0.99-405.el7
rh-perl526-perl-Devel-Peek-0:1.26-405.el7
rh-perl526-perl-Devel-SelfStubber-0:1.06-405.el7
rh-perl526-perl-Errno-0:1.28-405.el7
rh-perl526-perl-ExtUtils-Embed-0:1.34-405.el7
rh-perl526-perl-ExtUtils-Miniperl-0:1.06-405.el7
rh-perl526-perl-IO-0:1.38-405.el7
rh-perl526-perl-IO-Zlib-1:1.10-405.el7
rh-perl526-perl-Locale-Maketext-Simple-1:0.21-405.el7
rh-perl526-perl-Math-Complex-0:1.59-405.el7
rh-perl526-perl-Memoize-0:1.03-405.el7
rh-perl526-perl-Module-CoreList-1:5.20181130-1.el7
rh-perl526-perl-Module-CoreList-tools-1:5.20181130-1.el7
rh-perl526-perl-Module-Loaded-1:0.08-405.el7
rh-perl526-perl-Net-Ping-0:2.55-405.el7
rh-perl526-perl-Pod-Html-0:1.22.02-405.el7
rh-perl526-perl-SelfLoader-0:1.23-405.el7
rh-perl526-perl-Test-0:1.30-405.el7
rh-perl526-perl-Time-Piece-0:1.31-405.el7
rh-perl526-perl-debuginfo-4:5.26.3-405.el7
rh-perl526-perl-devel-4:5.26.3-405.el7
rh-perl526-perl-interpreter-4:5.26.3-405.el7
rh-perl526-perl-libnetcfg-4:5.26.3-405.el7
rh-perl526-perl-libs-4:5.26.3-405.el7
rh-perl526-perl-macros-4:5.26.3-405.el7
rh-perl526-perl-open-0:1.11-405.el7
rh-perl526-perl-tests-4:5.26.3-405.el7
rh-perl526-perl-utils-0:5.26.3-405.el7
rh-perl524-perl-4:5.24.0-381.el6
rh-perl524-perl-4:5.24.0-381.el7
rh-perl524-perl-Attribute-Handlers-0:0.99-381.el6
rh-perl524-perl-Attribute-Handlers-0:0.99-381.el7
rh-perl524-perl-Devel-Peek-0:1.23-381.el6
rh-perl524-perl-Devel-Peek-0:1.23-381.el7
rh-perl524-perl-Devel-SelfStubber-0:1.05-381.el6
rh-perl524-perl-Devel-SelfStubber-0:1.05-381.el7
rh-perl524-perl-Errno-0:1.25-381.el6
rh-perl524-perl-Errno-0:1.25-381.el7
rh-perl524-perl-ExtUtils-Embed-0:1.33-381.el6
rh-perl524-perl-ExtUtils-Embed-0:1.33-381.el7
rh-perl524-perl-ExtUtils-Miniperl-0:1.05-381.el6
rh-perl524-perl-ExtUtils-Miniperl-0:1.05-381.el7
rh-perl524-perl-IO-0:1.36-381.el6
rh-perl524-perl-IO-0:1.36-381.el7
rh-perl524-perl-IO-Zlib-1:1.10-381.el6
rh-perl524-perl-IO-Zlib-1:1.10-381.el7
rh-perl524-perl-Locale-Maketext-Simple-1:0.21-381.el6
rh-perl524-perl-Locale-Maketext-Simple-1:0.21-381.el7
rh-perl524-perl-Math-BigInt-FastCalc-0:0.40-381.el6
rh-perl524-perl-Math-BigInt-FastCalc-0:0.40-381.el7
rh-perl524-perl-Math-BigRat-0:0.2608.02-381.el6
rh-perl524-perl-Math-BigRat-0:0.2608.02-381.el7
rh-perl524-perl-Math-Complex-0:1.59-381.el6
rh-perl524-perl-Math-Complex-0:1.59-381.el7
rh-perl524-perl-Memoize-0:1.03-381.el6
rh-perl524-perl-Memoize-0:1.03-381.el7
rh-perl524-perl-Module-Loaded-1:0.08-381.el6
rh-perl524-perl-Module-Loaded-1:0.08-381.el7
rh-perl524-perl-Net-Ping-0:2.43-381.el6
rh-perl524-perl-Net-Ping-0:2.43-381.el7
rh-perl524-perl-Pod-Html-0:1.22-381.el6
rh-perl524-perl-Pod-Html-0:1.22-381.el7
rh-perl524-perl-SelfLoader-0:1.23-381.el6
rh-perl524-perl-SelfLoader-0:1.23-381.el7
rh-perl524-perl-Test-0:1.28-381.el6
rh-perl524-perl-Test-0:1.28-381.el7
rh-perl524-perl-Time-Piece-0:1.31-381.el6
rh-perl524-perl-Time-Piece-0:1.31-381.el7
rh-perl524-perl-bignum-0:0.42-381.el6
rh-perl524-perl-bignum-0:0.42-381.el7
rh-perl524-perl-core-0:5.24.0-381.el6
rh-perl524-perl-core-0:5.24.0-381.el7
rh-perl524-perl-debuginfo-4:5.24.0-381.el6
rh-perl524-perl-debuginfo-4:5.24.0-381.el7
rh-perl524-perl-devel-4:5.24.0-381.el6
rh-perl524-perl-devel-4:5.24.0-381.el7
rh-perl524-perl-libnetcfg-4:5.24.0-381.el6
rh-perl524-perl-libnetcfg-4:5.24.0-381.el7
rh-perl524-perl-libs-4:5.24.0-381.el6
rh-perl524-perl-libs-4:5.24.0-381.el7
rh-perl524-perl-macros-4:5.24.0-381.el6
rh-perl524-perl-macros-4:5.24.0-381.el7
rh-perl524-perl-open-0:1.10-381.el6
rh-perl524-perl-open-0:1.10-381.el7
rh-perl524-perl-tests-4:5.24.0-381.el6
rh-perl524-perl-tests-4:5.24.0-381.el7
rh-perl524-perl-utils-0:5.24.0-381.el6
rh-perl524-perl-utils-0:5.24.0-381.el7

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Redhat

References