SUSE-SA:2005:071: perl

high Nessus Plugin ID 20370

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2005:071 (perl).

Integer overflows in the format string functionality in Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap.

This requires the attacker to be able to supply format strings to the application, which unfortunately is true for some web applications.

This issue is tracked by the Mitre CVE ID CVE-2005-3962.

Solution

http://www.suse.de/security/advisories/2005_71_perl.html

Plugin Details

Severity: High

ID: 20370

File Name: suse_SA_2005_071.nasl

Version: 1.9

Agent: unix

Family: SuSE Local Security Checks

Published: 12/30/2005

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Detections

Analytics