FreeBSD : perl -- multiple vulnerabilities (d9e82328-a129-11e7-987e-4f174049b30a)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

SO-AND-SO reports :

CVE-2017-12814: $ENV{$key} stack-based buffer overflow on Windows

A possible stack-based buffer overflow in the %ENV code on Windows has been
fixed by removing the buffer completely since it was superfluous

CVE-2017-12837: Heap buffer overflow in regular expression compiler

Compiling certain regular expression patterns with the
case-insensitive modifier could cause a heap buffer overflow and crash
perl. This has now been fixed.

CVE-2017-12883: Buffer over-read in regular expression parser

For certain types of syntax error in a regular expression pattern, the
error message could either contain the contents of a random, possibly
large, chunk of memory, or could crash perl. This has now been fixed.

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 103442 ()

Bugtraq ID:

CVE ID: CVE-2017-12814

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now