Download
| Alert*
oval:org.secpod.oval:def:2100733
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump ... oval:org.secpod.oval:def:89045212 This update for perl fixes the following issues: - CVE-2016-6185: xsloader looking at a directory [bsc#988311] - CVE-2016-1238: searching current directory for optional modules [bsc#987887] - CVE-2015-8853: regex engine hanging on bad utf8 [bnc976584] - CVE-2016-2381: environment dup handling bug [ ... oval:org.secpod.oval:def:89003228 This update for spamassassin to version 3.4.2 fixes the following issues: Security issues fixed: - CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails . - CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users . - CVE-2018-11780: Fixed a potential remot ... oval:org.secpod.oval:def:1800747 CVE-2017-12837: Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a crafted regular expression with the case-insensitive modifier. oval:org.secpod.oval:def:1000471 The remote host is missing a patch 148562-12 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000476 The remote host is missing a patch 148561-12 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1800087 CVE-2017-12837: Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a crafted regular expression with the case-insensitive modifier. oval:org.secpod.oval:def:111189 This module provides simple ways to query and possibly load any of the modules you have installed on your system during run-time. oval:org.secpod.oval:def:111200 This module provides simple ways to query and possibly load any of the modules you have installed on your system during run-time. oval:org.secpod.oval:def:111239 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:36409 The host is installed with Perl on RHEL 5, 6 or 7 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploiation could allow attackers to access directories without permissions. oval:org.secpod.oval:def:602570 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-1238 John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many ... oval:org.secpod.oval:def:1800471 CVE-2017-12837: Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a crafted regular expression with the case-insensitive modifier. oval:org.secpod.oval:def:1800302 CVE-2016-1238: loading of modules from current directory Fixed In Version: perl 5.22.3, perl 5.24.1 oval:org.secpod.oval:def:115157 SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system t ... |