Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : PCRE library (SSA:2005-242-01)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New PCRE packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
10.1, and -current to fix a security issue. A buffer overflow could be
triggered by a specially crafted regular expression. Any applications
that use PCRE to process untrusted regular expressions may be
exploited to run arbitrary code as the user running the application.
The PCRE library is also provided in an initial installation by the
aaa_elflibs package, so if your system has a /usr/lib/libpcre.so.0
symlink, then you should install this updated package even if the PCRE
package itself is not installed on the system.

See also :

http://www.nessus.org/u?4da03b4e

Solution :

Update the affected pcre package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Slackware Local Security Checks

Nessus Plugin ID: 19858 ()

Bugtraq ID:

CVE ID: CVE-2005-2491